MAXHUB Pivot Client Application Vulnerability Disclosed
A cryptographic vulnerability in the MAXHUB Pivot client application could allow unauthorized access to sensitive tenant information or cause a denial-of-service.
A vulnerability in the MAXHUB Pivot client application has been identified, potentially allowing attackers to access tenant email addresses and associated information in cleartext or trigger a denial-of-service condition. The flaw is rooted in the use of a broken or risky cryptographic algorithm.
The vulnerability, tracked as CVE-2026-6411, affects versions of the MAXHUB Pivot client application prior to the latest release. Successful exploitation could lead to unauthorized data exposure or service disruption for users of the platform.
Users are advised to review the official CISA advisory for specific version details and remediation steps. Organizations should prioritize updating the client application to mitigate the risk posed by this cryptographic weakness.