cvedb.io
CVE-2026-26340
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2026-02-24T20:27:47.793 · Last modified 2026-06-17T10:26:07.577

Summary

Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior expose RTSP streams without requiring authentication. A remote attacker can connect to the RTSP service and access live video/audio streams without valid credentials, resulting in unauthorized disclosure of surveillance data.

Affected products

tattile — smart\+_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when tattile ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.