Cloud Api

cloud_api

Vendor: Mygardyn • 5 CVEs

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-32662 1Mygardyn 1Cloud Api Apr 22, 2026 Apr 3, 2026 6.9 MEDIUM· v4 5.3 MEDIUM· v3 N/A· v2 Development and test API endpoints are present that mirror production functionality.
CVE-2026-32646 1Mygardyn 1Cloud Api Apr 22, 2026 Apr 3, 2026 8.7 HIGH· v4 7.5 HIGH· v3 N/A· v2 A specific administrative endpoint is accessible without proper authentication, exposing device management functions.
CVE-2026-28767 1Mygardyn 1Cloud Api Apr 22, 2026 Apr 3, 2026 6.9 MEDIUM· v4 5.3 MEDIUM· v3 N/A· v2 A specific administrative endpoint notifications is accessible without proper authentication.
CVE-2026-28766 1Mygardyn 1Cloud Api Apr 22, 2026 Apr 3, 2026 9.2 CRITICAL· v4 7.5 HIGH· v3 N/A· v2 A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication.
CVE-2026-25197 1Mygardyn 1Cloud Api Apr 22, 2026 Apr 3, 2026 9.3 CRITICAL· v4 8.1 HIGH· v3 N/A· v2 A specific endpoint allows authenticated users to pivot to other user profiles by modifying the id number in the API call.