← back
CVE-2026-32662

Gardyn Cloud API Active Debug Code

CVSS 6.9 MEDIUMEPSS 0.3%CWE-489
Vexday Risk Score
33Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS 6.9EPSS 0.3%KEV nãoPoC públicaNuclei Metasploit Patch
Lifecycle
03 Apr 2026Published on NVD
07 Apr 2026Public PoC
Recommendation: Plan a near-term fix — a public PoC already exists.
Development and test API endpoints are present that mirror production functionality.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Affected products
Gardyn · Cloud API
public PoCs found1
githubgithub.com/MichaelAdamGroberman/CVE-2026-326620
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-055-03.jsonhttps://mygardyn.com/security/https://www.cisa.gov/news-events/ics-advisories/icsa-26-055-03