CVE-2026-26341 — CRITICAL (9.8)

Q: How severe is CVE-2026-26341?

CVE-2026-26341 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2026-26341?

Check the references section above for vendor advisories and patch information. Affected products include: Tattile Smart\+ Firmware, Tattile Smart\+, Tattile Tolling\+ Firmware, Tattile Tolling\+, Tattile Smart\+ Speed Firmware.

Vulnerability Description

Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior ship with default credentials that are not forced to be changed during installation or commissioning. An attacker who can reach the management interface can authenticate using the default credentials and gain administrative access, enabling unauthorized access to device configuration and data.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Tattile	Smart\+ Firmware	<= 1.181.5
Tattile	Smart\+	-
Tattile	Tolling\+ Firmware	<= 1.181.5
Tattile	Tolling\+	-
Tattile	Smart\+ Speed Firmware	<= 1.181.5
Tattile	Smart\+ Speed	-
Tattile	Smart\+ Traffic Light Firmware	<= 1.181.5
Tattile	Smart\+ Traffic Light	-
Tattile	Axle Counter Firmware	<= 1.181.5
Tattile	Axle Counter	-
Tattile	Vega53 Firmware	<= 1.181.5
Tattile	Vega53	-
Tattile	Vega33 Firmware	<= 1.181.5
Tattile	Vega33	-
Tattile	Vega11 Firmware	<= 1.181.5
Tattile	Vega11	-
Tattile	Basic Mk2 Firmware	<= 1.181.5
Tattile	Basic Mk2	-
Tattile	Anpr Mobile Firmware	<= 1.181.5
Tattile	Anpr Mobile	-

Related Weaknesses (CWE)

CWE-1392

References

https://www.tattile.com/Product
https://www.vulncheck.com/advisories/tattile-smart-vega-basic-default-credentialThird Party AdvisoryVDB Entry
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2026-5977.phpThird Party AdvisoryExploit

FAQ

What is CVE-2026-26341?

CVE-2026-26341 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior ship with default credentials that are not forced to be changed during installation or commissioning. An attacker wh...

How severe is CVE-2026-26341?

CVE-2026-26341 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2026-26341?

Check the references section above for vendor advisories and patch information. Affected products include: Tattile Smart\+ Firmware, Tattile Smart\+, Tattile Tolling\+ Firmware, Tattile Tolling\+, Tattile Smart\+ Speed Firmware.