CVE-2026-49186
Basic Information
| Severity | HIGH |
|---|---|
| Base Score | 8.6 |
| CNA | Acer |
| Published Date | 2026-06-03 23:36:59 UTC |
| Last Modified | 2026-06-03 23:36:59 UTC |
| CVE.org Link | https://www.cve.org/CVERecord?id=CVE-2026-49186 |
| NVD | https://nvd.nist.gov/vuln/detail/CVE-2026-49186 |
Description
The local MQTT broker does not enforce topic-level Access Control Lists (ACLs). This allows any client to subscribe using wildcard characters (# or +) to enumerate hidden network devices or publish rogue control commands.
Affected Products
| Vendor | Product |
|---|---|
| acer | connect m6e 5g portable wifi router |