CVE-2026-44877
Unauthenticated Remote Disclosure of Cryptographic Secrets
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.5EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
07 Jul 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An unauthenticated remote disclosure vulnerability has been identified in HPE Networking Instant On 1830, 1930, and 1960 Switches. Successful exploitation of this vulnerability could allow an unauthenticated remote threat actor to access sensitive cryptographic secrets on a vulnerable system.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected products
Hewlett Packard Enterprise (HPE) · HPE Networking Instant On