CVE-2026-4584

LOW NVD

CVSS Score 3.1

Severity LOW

Published Mar 23, 2026

Vendor unknown

Description

A flaw has been found in Shenzhen HCC Technology MPOS M6 PLUS 1V.31-N. This affects an unknown part of the component Cardholder Data Handler. Executing a manipulation can lead to cleartext transmission of sensitive information. The attack requires access to the local network. The attack requires a high level of complexity. It is indicated that the exploitability is difficult. The vendor was contacted early about this disclosure but did not respond in any way.

References

https://github.com/Davim09/m6plusexploit/blob/main/docs/CVE-3-DataExposure.md
https://vuldb.com/?ctiid.352421
https://vuldb.com/?id.352421
https://vuldb.com/?submit.775435