Home / Vulnerability Intelligence / CVE-2026-40630

CVE-2026-40630 - Vulnerability Analysis

CriticalCVSS: 9.8

Last Updated: April 24, 2026

SenseLive X3050 - Authentication Bypass

Published: April 24, 2026Updated: April 24, 2026Remote Exploitable

Overview

SenseLive X3050 contains an authentication bypass caused by improper access control enforcement in the web management interface, letting attackers with network access bypass authentication and access sensitive configuration endpoints.

Severity & Score

Severity: Critical

CVSS Score: 9.8

EPSS Score: 9.3%(Probability of exploitation in next 30 days)

Impact

Attackers can bypass authentication to access and modify sensitive device configurations, potentially compromising device security.

Mitigation

Update to the latest version with proper access control enforcement.

References

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Apr 24, 2026

🔴 CVE-2026-40630 - Critical (9.8) A vulnerability in SenseLive X3050’s web management interface allows unauthorized access to certain configuration endpoints due to improper access control enforcement. An attacker with network access to the device may be able to bypass the i... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40630/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2026-40630
Severity: Critical
CVSS Score: 9.8
Type: broken_authentication
Status: unconfirmed
EPSS: 9.3%
Social Posts: 1

CWE

CWE-288

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

9.3%Probability of exploitation in the next 30 days