CVE-2026-50087 | Aqara IAM SSO Gateway up to 3.1/8.2 gw-builder.aqara.com cross-domain policy

SecurityVulns

A vulnerability was found in Aqara IAM SSO Gateway up to 3.1/8.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the component gw-builder.aqara.com. This manipulation causes permissive cross-domain policy with untrusted domains.

This vulnerability is tracked as CVE-2026-50087. The attack is possible to be carried out remotely. No exploit exists.VulDB Recent EntriesRead More