What is CVE-2026-6411?

CVE-2026-6411 is a high-severity vulnerability in Maxhub Pivot Client Application, classified under Use of a Broken or Risky Cryptographic Algorithm. CVSS score: 7.3/10. Published 2026-05-07.

How severe is CVE-2026-6411?

High severity. CVSS v3 base score is 7.3 out of 10.

Vulnerability in Maxhub Pivot Client Application

CVE-2026-6411

This vulnerability, in the MAXHUB Pivot client application versions prior to v1.36.2, may allow an attacker to obtain encrypted tenant email addresses and related metadata from any tenant. Due to the presence of a hardcoded AES key with…

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.000 (5.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.3 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L.

Affected products

Maxhub Pivot Client Application — versions 0, 1.36.2

Weakness classification (CWE)

CWE-327 — Use of a Broken or Risky Cryptographic Algorithm

References

Frequently asked questions

What is CVE-2026-6411?: CVE-2026-6411 is a high-severity vulnerability in Maxhub Pivot Client Application, classified under Use of a Broken or Risky Cryptographic Algorithm. CVSS score: 7.3/10. Published 2026-05-07.
How severe is CVE-2026-6411?: High severity. CVSS v3 base score is 7.3 out of 10.