Gardyn Gardyn Cloud Api
3 CVEs affecting Gardyn Gardyn Cloud Api. Latest disclosed: 2026-07-03. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-13768 | Critical | 10.0 | 2026-07-03 | Gardyn devices expose a privileged iothubowner key. Access to this key will allow a malicious user to invoke an IoTHub Registry Manager function which returns… |
CVE-2026-54477 | Medium | 5.4 | 2026-07-03 | The admin panel lacks standard security headers, enabling clickjacking and cross-site scripting attacks. |
CVE-2026-55726 | Medium | 5.3 | 2026-07-03 | The Azure Blob Storage container used for Gardyn device logs is publicly listable without authentication. A malicious user would be able to access any device l… |