Ctrl + K
/ news / CVE
CVEPublished 2026-02-24Modified 2026-04-061 article on news5 live referencesNVD data

CVE-2026-2459Hitachienergy · Reb500_firmware

Vulnerability data via NVD (ingested)

CVSS v3.1
8.1
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS percentile
Weaknesses (CWE)
CWE-267Privilege Defined With Unsafe Actions
Description

A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter the contents of directories that the role is not authorized to do so.

Timeline
Published 2026-02-24
Modified 2026-04-06

External references

NVDMITREExploit-DBSploitusVulnCheck

Search for exposed instances

Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).

Shodan · vuln tag0 hosts
vuln:CVE-2026-2459
Hosts Shodan has explicitly fingerprinted as vulnerable.
Shodan · OS
os:"Reb500 Firmware"
Hosts Shodan identified as running Reb500 Firmware.
More intel sources (5)
Shodan report
vuln:CVE-2026-2459
Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2026-2459
Censys host search filtered to this CVE id.
grep.app
CVE-2026-2459
Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2026-2459
GitHub code search for direct mentions.
Google dork
"CVE-2026-2459" exploit -site:nvd.nist.gov
Write-ups and news, NVD excluded.

Known PoCs on GitHub (2)

CVE-2026-24592 repos
hiifong/starListPython
Export your star's repository list
★ 18·updated today
oslook/n8n-workflowsunknown
4200 + Workflow Automation Templates are Grouped by Categories/Services for easy navigation
★ 6·updated 10mo ago
Articles on news mentioning CVE-2026-2459