HIGH
MAXHUB
CVE published 2026-05-07
CVE-2026-6411
CVE-2026-6411 affects MAXHUB Pivot client application versions prior to v1.36.2. According to the CISA advisory, the application may let an attacker recover encrypted tenant email addresses and related metadata from any tenant because a hardcoded AES key is present in the client. The same advisory also notes a denial-of-service risk if an attacker enrolls multiple unauthorized devices into a tenant via MQ [truncated]