CVE-2026-26341

UNKNOWN 0.0

Tattile Smart+ / Vega / Basic <= 1.181.5 Default Credentials

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior ship with default credentials that are not forced to be changed during installation or commissioning. An attacker who can reach the management interface can authenticate using the default credentials and gain administrative access, enabling unauthorized access to device configuration and data.

CWE	CWE-1392
Vendor	tattile s.r.l.
Product	smart+
Published	Feb 24, 2026
Last Updated	Mar 5, 2026

Stay Ahead of the Next One

Get instant alerts for tattile s.r.l. smart+

Be the first to know when new unknown vulnerabilities affecting tattile s.r.l. smart+ are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Tattile s.r.l. / Smart+

0 ≤ 1.181.5

Tattile s.r.l. / Tolling+

0 ≤ 1.181.5

Tattile s.r.l. / Smart+ Speed

0 ≤ 1.181.5

Tattile s.r.l. / Smart+ Traffic Light

0 ≤ 1.181.5

Tattile s.r.l. / Axle Counter

0 ≤ 1.181.5

Tattile s.r.l. / Vega53

0 ≤ 1.181.5

Tattile s.r.l. / Vega33

0 ≤ 1.181.5

Tattile s.r.l. / Vega11

0 ≤ 1.181.5

Tattile s.r.l. / Basic MK2

0 ≤ 1.181.5

Tattile s.r.l. / ANPR Mobile

0 ≤ 1.181.5

References

NVD ↗ CVE.org ↗ EPSS Data ↗

zeroscience.mk: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2026-5977.php tattile.com: https://www.tattile.com/ vulncheck.com: https://www.vulncheck.com/advisories/tattile-smart-vega-basic-default-credentials

Credits

Gjoko Krstic of Zero Science Lab