Low severity3.1NVD Advisory· Published Mar 23, 2026· Updated Apr 29, 2026

CVE-2026-4584

Description

A flaw has been found in Shenzhen HCC Technology MPOS M6 PLUS 1V.31-N. This affects an unknown part of the component Cardholder Data Handler. Executing a manipulation can lead to cleartext transmission of sensitive information. The attack requires access to the local network. The attack requires a high level of complexity. It is indicated that the exploitability is difficult. The vendor was contacted early about this disclosure but did not respond in any way.

Affected products

Davim09/M6plusexploitreferences

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/Davim09/m6plusexploit/blob/main/docs/CVE-3-DataExposure.mdnvd
vuldb.comnvd
vuldb.comnvd
vuldb.comnvd

News mentions

No linked articles in our index yet.

cvss	0.202
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000