CVE-2026-32683 MEDIUM

CVE-2026-32683

Vendor Ezviz
Product EZVIZ APP
Published May 9, 2026
Last update May 12, 2026

CVSS base score

5.3/10
Attack vector Adjacent
Attack complexity High
Privileges required None
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

Some EZVIZ products utilize older versions of cloud feature modules with legacy API interfaces, which pose a data transmission risk. Attackers can exploit this by eavesdropping on network requests to obtain data.Users are advised to upgrade the app to the latest version and enable the video encryption feature.

Key dates

02Disclosure timeline

May 9, 2026 CVE published
May 12, 2026 Record updated