Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.7 views

CVE-2026-6411

This vulnerability, in the MAXHUB Pivot client application versions prior to v1.36.2, may allow an attacker to obtain encrypted tenant email addresses and related metadata from any tenant. Due to the presence of a hardcoded AES key within the application, the encrypted data can be decrypted,...

7.3CVSS5.4AI score0.00159EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.20 views

PT-2026-40969

Name of the Vulnerable Software and Affected Versions Fleet versions prior to 4.82.0 Description A flaw in the Windows MDM enrollment flow allows authentication tokens from any Azure AD tenant to be accepted. The software validates JWT JSON Web Token signatures using Microsoft's multi-tenant JWKS...

8.2CVSS5.8AI score0.00381EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/05/07 10:25 p.m.10 views

CVE-2026-6411 MAXHUB Pivot Client Application Use of a Broken or Risky Cryptographic Algorithm

This vulnerability, in the MAXHUB Pivot client application versions prior to v1.36.2, may allow an attacker to obtain encrypted tenant email addresses and related metadata from any tenant. Due to the presence of a hardcoded AES key within the application, the encrypted data can be decrypted,...

7.3CVSS5.8AI score0.00159EPSS
Exploits0References3
CVE
CVE
added 2026/05/07 10:25 p.m.21 views

CVE-2026-6411

The CVE-2026-6411 issue affects MAXHUB Pivot client applications before v1.36.2. It stems from a hardcoded AES key, allowing decrypting encrypted tenant email addresses and related metadata, resulting in cleartext exposure. Additionally, an attacker could trigger a denial-of-service by enrolling ...

7.3CVSS5.8AI score0.00159EPSS
Exploits0References3
Rows per page
Query Builder