VYPR
Unrated severityNVD Advisory· Published Mar 4, 2026· Updated Mar 4, 2026

CVE-2026-26478

CVE-2026-26478

Description

A shell command injection vulnerability in Mobvoi Tichome Mini smart speaker 012-18853 and 027-58389 allows remote attackers to send a specially crafted UDP datagram and execute arbitrary shell code as the root account.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Mobvoi/Tichome Mini smart speakerdescription
  • Range: 012-18853, 027-58389

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.