CRITICAL
KMW
CVE published 2026-05-29
CVE-2026-5386
A critical unauthenticated password reset vulnerability in KMW CCTV Security Cameras allows remote attackers to reset the administrator password without authentication, granting full access to camera feeds and settings. The vulnerability carries a CVSS 3.1 score of 9.1 (Critical) with network attack vector, low attack complexity, no privileges required, and no user interaction needed. The weakness is cate [truncated]