MEDIUM
Nanoleaf
CVE published 2026-03-25
CVE-2026-33268
CVE-2026-33268 is a vulnerability in Nanoleaf Lines 12.3.2 that allows unauthenticated firmware file uploads. A remote attacker can exploit this vulnerability to upload firmware files on the device, consuming storage resources. The vulnerability was fixed in version 12.3.6. According to the CVSS score of 6.5, the severity is rated as MEDIUM. The vulnerability was published on March 25, 2026, and modified [truncated]