Vulnerability intelligence

CVE-2026-40624

Improper input validation in AVer PTC500S, PTC115, PTC500+, and PTC115+ cameras may allow a remote, unauthenticated attacker to achieve arbitrary code execution via a specially crafted web request.

CVSS Score

9.8

Critical

EPSS — Exploit Probability

0.6%

Riskier than 45% of all CVEs

Exploitation

Not in CISA KEV

No federal exploitation record

Remediation

unknown

Check vendor advisories

NVD entry PoC / advisory

1 article across 1 outlet · first covered Jun 24, 2026 · latest Jun 24, 2026

Tracked incidents

incident open 11 articles

Lantronix, UniFi flaws surface as Outlook Mac reply glitch seen

Coverage timeline

Flaw in AVer PTC500S cameras allows remote code execution
securityonline.info · Jun 24, 2026