CVE-2026-1341

UNKNOWN 0.0

Missing Authentication for Critical Function in Avation Light Engine Pro

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

9th

Avation Light Engine Pro exposes its configuration and control interface without any authentication or access control.

CWE	CWE-306
Vendor	avation
Product	avation light engine pro
Published	Feb 3, 2026
Last Updated	Jun 4, 2026

Stay Ahead of the Next One

Get instant alerts for avation avation light engine pro

Be the first to know when new unknown vulnerabilities affecting avation avation light engine pro are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Avation / Avation Light Engine Pro

All

References

NVD ↗ CVE.org ↗ EPSS Data ↗

cisa.gov: https://www.cisa.gov/news-events/ics-advisories/icsa-26-034-02 github.com: https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-034-02.json avation.co.nz: https://avation.co.nz/contact-us/

Credits

Souvik Kandar reported this vulnerability to CISA