What is CVE-2026-50099?

CVE-2026-50099 is a medium-severity vulnerability, classified under Insertion of Sensitive Information into Externally-Accessible File or Directory. CVSS score: 4.6/10. Published 2026-06-12.

How severe is CVE-2026-50099?

Medium severity. CVSS v3 base score is 4.6 out of 10.

CVE-2026-50099

CVE-2026-50099

During WiFi association, Naxclow device firmware prints the host network’s SSID, PSK, and negotiated WPA keys in cleartext to an exposed UART console on production hardware. The UART pads are labeled, run with default serial settings, and…

CVSS v3 metric

CVSS v3 base score 4.6 (Medium). Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.

Weakness classification (CWE)

CWE-538 — Insertion of Sensitive Information into Externally-Accessible File or Directory

References

ics-cert@hq.dhs.gov
ics-cert@hq.dhs.gov

Frequently asked questions

What is CVE-2026-50099?: CVE-2026-50099 is a medium-severity vulnerability, classified under Insertion of Sensitive Information into Externally-Accessible File or Directory. CVSS score: 4.6/10. Published 2026-06-12.
How severe is CVE-2026-50099?: Medium severity. CVSS v3 base score is 4.6 out of 10.