CVE-2026-40630CRITICAL 9.8EPSS p44.2%

CVE-2026-40630CVE-2026-40630

Description

A vulnerability in  SenseLive X3050’s web management interface allows unauthorized access to certain configuration endpoints due to improper access control enforcement. An attacker with network access to the device may be able to bypass the intended authentication mechanism and directly interact with sensitive configuration functions.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.60% probability of exploitation · percentile 44.2% · 2026-06-18T12:00:27Z
Published2026-04-24
Last modified2026-04-28

Underlying weaknesses· 1

CWE-288

References

  1. https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-111-12.json
  2. https://senselive.io/contact
  3. https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-12

1

TypeTargetConfidenceTier
WeaknessAuthentication Bypass Using an Alternate Path or Channelcwe-2880%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-40620
CVE
CVE-2026-35503
CVE
CVE-2026-25775
CVE
CVE-2026-40623
CVE
CVE-2026-27841
CVE
CVE-2026-39462
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.