[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2026-35503":6},{"stargazers_count":4,"fetched_at":5},5,"2026-04-24T12:20:52.508Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":28,"aliases":29,"duplicate_of":9,"upstream":30,"downstream":31,"duplicates":32,"related":33,"reserved_at":9,"published_at":34,"modified_at":34,"state":35,"summary":36,"references_raw":43,"kevs":57,"epss":9,"epss_history":58,"metrics":59,"affected":71},"CVE-2026-35503","A vulnerability in SenseLive X3050’s web management interface allows authentication logic to be performed entirely on the client side, relying on hardcoded values within browser-executed scripts rather than server-side verification. An attacker with access to the login page could retrieve these exposed parameters and gain unauthorized access to administrative functionality.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-798","Use of Hard-coded Credentials","The product contains hard-coded credentials, such as a password or cryptographic key.","weakness","Draft","Base","High",[20,24],{"id":21,"name":22,"techniques":23},"CAPEC-191","Read Sensitive Constants Within an Executable",[],{"id":25,"name":26,"techniques":27},"CAPEC-70","Try Common or Default Usernames and Passwords",[],[],[],[],[],[],[],"2026-04-23T23:50:03.513Z","Received",{"cisa_kev":37,"cisa_ransomware":37,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":38,"severity_score":39,"severity_version":40,"severity_source":41,"severity_vector":42,"severity_status":35},false,"critical",9.8,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[44,49,53],{"url":45,"sources":46,"tags":48},"https://senselive.io/contact",[41,47],"nvd",[],{"url":50,"sources":51,"tags":52},"https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-12",[41,47],[],{"url":54,"sources":55,"tags":56},"https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-111-12.json",[41,47],[],[],[],[60,67],{"source":41,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":61,"cvss_v4_0":64},{"baseScore":39,"baseSeverity":62,"vectorString":42,"impactScore":39,"exploitabilityScore":63},"CRITICAL",10,{"baseScore":65,"baseSeverity":62,"vectorString":66,"impactScore":9,"exploitabilityScore":9},9.3,"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",{"source":47,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":68,"cvss_v4_0":69},{"baseScore":39,"baseSeverity":62,"vectorString":42,"impactScore":39,"exploitabilityScore":63},{"baseScore":65,"baseSeverity":62,"vectorString":70,"impactScore":9,"exploitabilityScore":9},"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",[72],{"ecosystem":9,"name":73,"vendor":74,"product":75,"cpe_part":76,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":77},"X3050","senselive","x3050","a",[78],{"version":79,"is_range":37,"range_type":41,"version_start":79,"version_start_type":80,"version_end":79,"version_end_type":80,"fixed_in":9},"V1.523","including"]