Known Vulnerabilities for Aqara IAM/SSO Gateway by Aqara
Listed below are 4 of the newest known vulnerabilities associated with "Aqara IAM/SSO Gateway" by "Aqara".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-50089 json | The Aqara IAM/SSO Gateway (gw-builder.aqara.com) provides an open redirect, which is an instance of "CWE-601: URL Redirection... | Not Provided | 2026-06-12 | 2026-06-12 |
| CVE-2026-50087 json | The Aqara IAM/SSO gateway (gw-builder.aqara.com) exhibits a cross-origin request sharing vulnerability, which is an instance ... | Not Provided | 2026-06-12 | 2026-06-12 |
| CVE-2026-50086 json | The Aqara IAM/SSO gateway (gw-builder.aqara.com) exposes bidirectional AES round-trups against the platform's signing key wit... | Not Provided | 2026-06-12 | 2026-06-12 |
| CVE-2026-50083 json | The Aqara IAM/SSO Gateway (gw-builder.aqara.com) used a hardcoded OAuth client credential, which is an instance of "CWE-798:... | Not Provided | 2026-06-12 | 2026-06-12 |