CVE-2026-49192EPSS p3.5%

CVE-2026-49192CVE-2026-49192

acer / connect_m6e_5g_firmware

Description

The summary service endpoint suffers from an IDOR vulnerability where it fails to verify user ownership of hardware serial numbers, exposing device data to scraping.

Scoring

CVSS 5.4 ()
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
EPSS0.14% probability of exploitation · percentile 3.5% · 2026-06-19T12:03:05Z
Last modified2026-06-04

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-49196
CVE
CVE-2026-24789
CVE
CVE-2025-40805
CVE
CVE-2025-48469
CVE
CVE-2025-3090
CVE
CVE-2026-0418
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.