CVE-2026-8676HIGH 8.8EPSS p10.1%

CVE-2026-8676CVE-2026-8676

Description

An attacker is able to downgrade the security of a Bluetooth LE connection by deleting an existing bond, spoofing the bonded device and creating a new bond.

Scoring

CVSS 3.18.8 (HIGH)
VectorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.20% probability of exploitation · percentile 10.1% · 2026-06-19T12:03:05Z
Published2026-05-26
Last modified2026-05-26

Underlying weaknesses· 1

CWE-290

References

  1. https://community.silabs.com/068Vm00000p3N9C
  2. https://www.silabs.com/documents/public/release-notes/bt-software-release-notes-9.0.0.0.pdf

1

TypeTargetConfidenceTier
WeaknessAuthentication Bypass by Spoofingcwe-2900%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-0097
CVE
CVE-2026-50212
CVE
CVE-2026-0045
CVE
CVE-2025-10457
CVE
CVE-2026-0050
CVE
CVE-2026-0095
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.