What is CVE-2026-52866?

CVE-2026-52866 is a medium-severity vulnerability in Apollo Pharmacy Blood Glucose Monitoring System (Model No. Apg-01 Bt), classified under Missing Authorization. CVSS score: 6.5/10. Published 2026-06-19.

How severe is CVE-2026-52866?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Auth bypass in Apollo Pharmacy Blood Glucose Monitoring System (Model No. Apg-01 Bt)

CVE-2026-52866

An attacker within BLE communication range can monopolize the device's only available BLE connection slot, preventing legitimate users or applications from establishing a connection.

Vulnerability class: Broken Access Control

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Apollo Pharmacy Blood Glucose Monitoring System (Model No. Apg-01 Bt) — versions 0x0110_v1.1.0

Weakness classification (CWE)

CWE-862 — Missing Authorization

References

ics-cert@hq.dhs.gov
ics-cert@hq.dhs.gov
ics-cert@hq.dhs.gov
ics-cert@hq.dhs.gov

Frequently asked questions

What is CVE-2026-52866?: CVE-2026-52866 is a medium-severity vulnerability in Apollo Pharmacy Blood Glucose Monitoring System (Model No. Apg-01 Bt), classified under Missing Authorization. CVSS score: 6.5/10. Published 2026-06-19.
How severe is CVE-2026-52866?: Medium severity. CVSS v3 base score is 6.5 out of 10.