HOMEVULNERABILITIESCVE-2026-52866
MEDIUM

CVE-2026-52866

CWE-862Published: June 19, 2026· Updated: Jun 22, 2026

6.5
CVSS v3.1

Official Description

An attacker within BLE communication range can monopolize the device's

only available BLE connection slot, preventing legitimate users or

applications from establishing a connection.

NVD Source

Technical Analysis

CVE-2026-52866 requires adjacent network access, limiting remote exploitation but still posing risk in shared or local network environments.

The vulnerability requires no privileges and no user interaction, making it a prime target for automated exploitation campaigns and worm-like propagation.

A successful exploit results in availability disruption (denial of service), with a CVSS base score of 6.5.

CVSS v3.1 Vector Breakdown

Exploitability
Attack VectorAdjacent
Attack ComplexityLow
Privileges Req.None
User InteractionNone
ScopeUnchanged
Impact
ConfidentialityNone
IntegrityNone
AvailabilityHigh
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploit & PoC Resources

NO KNOWN EXPLOITNo public exploit confirmed at this time
External links open in a new tab. Always verify in a controlled environment before use.

News & Research Mentioning CVE-2026-52866

Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT
CISA Alerts· Jun 18, 2026

View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to obtain sensitive health-related information and prevent legitimate users from establishing a connection with the device. The following versions of Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT are affected: Blood Glucose Monitoring System (Model No. APG-01 BT) 0x0110_v1.1.0 (CVE-2026-50034, CVE-2026-52866) CVSS Vendor Equipment Vulnerabilities v3 6.5 Apollo Pharmacy Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT Cleartext Transmission of Sensitive Information, Missing Authorization Background Critical Infrastructure Sectors: Healthcare and Public Health Countries/Areas Deployed: India Company Headquarters Location: India Vulnerabilitie [xlite_meta score:73 src:CISA Alerts xlite_fp:a8c7a750538e2275ea8b101c510eb9fe37a577d1b98dcb09de66caf6a763a018]

All References (4)

Quick Facts

CVE IDCVE-2026-52866
CVSS Score6.5 / 10
SeverityMEDIUM
WeaknessCWE-862
CISA KEVNo
PublishedJun 19, 2026

Related CVEs (CWE-862)

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2026-52866 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.