cvedb.io
CVE-2026-33362
HIGH · CVSS 8.6
EPSS exploitation probability: 0%
Published 2026-05-11T17:16:31.083 · Last modified 2026-06-17T10:37:22.680

Summary

In Meari IoT SDK builds embedded in CloudEdge 5.5.0 (build 220), Arenti 1.8.1 (build 220), and white-label Android apps <= 1.8.x (latest observed), multiple security-critical secrets are hardcoded and shared, including API signing material, password-transport keying, and service access keys.

Does this affect you?

Add your gear to cvedb and we'll alert you only when a vendor you run ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.