{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-4910", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-03-26T16:10:45.133Z", "datePublished": "2026-03-27T03:01:03.856Z", "dateUpdated": "2026-03-27T11:23:12.368Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-27T03:01:03.856Z"}, "title": "Shenzhen Ruiming Technology Streamax Crocus Endpoint RemoteFormat.do sql injection", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-89", "lang": "en", "description": "SQL Injection"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-74", "lang": "en", "description": "Injection"}]}], "affected": [{"vendor": "Shenzhen Ruiming Technology", "product": "Streamax Crocus", "versions": [{"version": "1.3.0", "status": "affected"}, {"version": "1.3.1", "status": "affected"}, {"version": "1.3.2", "status": "affected"}, {"version": "1.3.3", "status": "affected"}, {"version": "1.3.4", "status": "affected"}, {"version": "1.3.5", "status": "affected"}, {"version": "1.3.6", "status": "affected"}, {"version": "1.3.7", "status": "affected"}, {"version": "1.3.8", "status": "affected"}, {"version": "1.3.9", "status": "affected"}, {"version": "1.3.10", "status": "affected"}, {"version": "1.3.11", "status": "affected"}, {"version": "1.3.12", "status": "affected"}, {"version": "1.3.13", "status": "affected"}, {"version": "1.3.14", "status": "affected"}, {"version": "1.3.15", "status": "affected"}, {"version": "1.3.16", "status": "affected"}, {"version": "1.3.17", "status": "affected"}, {"version": "1.3.18", "status": "affected"}, {"version": "1.3.19", "status": "affected"}, {"version": "1.3.20", "status": "affected"}, {"version": "1.3.21", "status": "affected"}, {"version": "1.3.22", "status": "affected"}, {"version": "1.3.23", "status": "affected"}, {"version": "1.3.24", "status": "affected"}, {"version": "1.3.25", "status": "affected"}, {"version": "1.3.26", "status": "affected"}, {"version": "1.3.27", "status": "affected"}, {"version": "1.3.28", "status": "affected"}, {"version": "1.3.29", "status": "affected"}, {"version": "1.3.30", "status": "affected"}, {"version": "1.3.31", "status": "affected"}, {"version": "1.3.32", "status": "affected"}, {"version": "1.3.33", "status": "affected"}, {"version": "1.3.34", "status": "affected"}, {"version": "1.3.35", "status": "affected"}, {"version": "1.3.36", "status": "affected"}, {"version": "1.3.37", "status": "affected"}, {"version": "1.3.38", "status": "affected"}, {"version": "1.3.39", "status": "affected"}, {"version": "1.3.40", "status": "affected"}, {"version": "1.3.41", "status": "affected"}, {"version": "1.3.42", "status": "affected"}, {"version": "1.3.43", "status": "affected"}, {"version": "1.3.44", "status": "affected"}], "modules": ["Endpoint"]}], "descriptions": [{"lang": "en", "value": "A security vulnerability has been detected in Shenzhen Ruiming Technology Streamax Crocus bis 1.3.44. Affected is an unknown function of the file /RemoteFormat.do of the component Endpoint. Such manipulation of the argument State leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-03-26T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-03-26T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-03-26T17:34:11.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "0menc (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/?id.353661", "name": "VDB-353661 | Shenzhen Ruiming Technology Streamax Crocus Endpoint RemoteFormat.do sql injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.353661", "name": "VDB-353661 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.777507", "name": "Submit #777507 | Shenzhen Ruiming Technology Co., Ltd. Crocus System 1.3.44 SQL Injection", "tags": ["third-party-advisory"]}, {"url": "https://my.feishu.cn/docx/QZU6dXZBBoBeLMx4K28cW1BEnsZ?from=from_copylink", "tags": ["exploit"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-27T11:21:46.369521Z", "id": "CVE-2026-4910", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-27T11:23:12.368Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-4910", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-27T11:21:46.369521Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-27T11:23:00.690Z"}}], "cna": {"title": "Shenzhen Ruiming Technology Streamax Crocus Endpoint RemoteFormat.do sql injection", "credits": [{"lang": "en", "type": "reporter", "value": "0menc (VulDB User)"}, {"lang": "en", "type": "coordinator", "value": "VulDB"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "Shenzhen Ruiming Technology", "modules": ["Endpoint"], "product": "Streamax Crocus", "versions": [{"status": "affected", "version": "1.3.0"}, {"status": "affected", "version": "1.3.1"}, {"status": "affected", "version": "1.3.2"}, {"status": "affected", "version": "1.3.3"}, {"status": "affected", "version": "1.3.4"}, {"status": "affected", "version": "1.3.5"}, {"status": "affected", "version": "1.3.6"}, {"status": "affected", "version": "1.3.7"}, {"status": "affected", "version": "1.3.8"}, {"status": "affected", "version": "1.3.9"}, {"status": "affected", "version": "1.3.10"}, {"status": "affected", "version": "1.3.11"}, {"status": "affected", "version": "1.3.12"}, {"status": "affected", "version": "1.3.13"}, {"status": "affected", "version": "1.3.14"}, {"status": "affected", "version": "1.3.15"}, {"status": "affected", "version": "1.3.16"}, {"status": "affected", "version": "1.3.17"}, {"status": "affected", "version": "1.3.18"}, {"status": "affected", "version": "1.3.19"}, {"status": "affected", "version": "1.3.20"}, {"status": "affected", "version": "1.3.21"}, {"status": "affected", "version": "1.3.22"}, {"status": "affected", "version": "1.3.23"}, {"status": "affected", "version": "1.3.24"}, {"status": "affected", "version": "1.3.25"}, {"status": "affected", "version": "1.3.26"}, {"status": "affected", "version": "1.3.27"}, {"status": "affected", "version": "1.3.28"}, {"status": "affected", "version": "1.3.29"}, {"status": "affected", "version": "1.3.30"}, {"status": "affected", "version": "1.3.31"}, {"status": "affected", "version": "1.3.32"}, {"status": "affected", "version": "1.3.33"}, {"status": "affected", "version": "1.3.34"}, {"status": "affected", "version": "1.3.35"}, {"status": "affected", "version": "1.3.36"}, {"status": "affected", "version": "1.3.37"}, {"status": "affected", "version": "1.3.38"}, {"status": "affected", "version": "1.3.39"}, {"status": "affected", "version": "1.3.40"}, {"status": "affected", "version": "1.3.41"}, {"status": "affected", "version": "1.3.42"}, {"status": "affected", "version": "1.3.43"}, {"status": "affected", "version": "1.3.44"}]}], "timeline": [{"lang": "en", "time": "2026-03-26T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-03-26T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-03-26T17:34:11.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.353661", "name": "VDB-353661 | Shenzhen Ruiming Technology Streamax Crocus Endpoint RemoteFormat.do sql injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.353661", "name": "VDB-353661 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.777507", "name": "Submit #777507 | Shenzhen Ruiming Technology Co., Ltd. Crocus System 1.3.44 SQL Injection", "tags": ["third-party-advisory"]}, {"url": "https://my.feishu.cn/docx/QZU6dXZBBoBeLMx4K28cW1BEnsZ?from=from_copylink", "tags": ["exploit"]}], "descriptions": [{"lang": "en", "value": "A security vulnerability has been detected in Shenzhen Ruiming Technology Streamax Crocus bis 1.3.44. Affected is an unknown function of the file /RemoteFormat.do of the component Endpoint. Such manipulation of the argument State leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "SQL Injection"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-74", "description": "Injection"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-27T03:01:03.856Z"}}}, "cveMetadata": {"cveId": "CVE-2026-4910", "state": "PUBLISHED", "dateUpdated": "2026-03-27T11:23:12.368Z", "dateReserved": "2026-03-26T16:10:45.133Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-03-27T03:01:03.856Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A security vulnerability has been detected in Shenzhen Ruiming Technology Streamax Crocus bis 1.3.44. Affected is an unknown function of the file /RemoteFormat.do of the component Endpoint. Such manipulation of the argument State leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "id": "CVE-2026-4910", "lastModified": "2026-03-27T04:16:08.043", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-03-27T04:16:08.043", "references": [{"source": "cna@vuldb.com", "url": "https://my.feishu.cn/docx/QZU6dXZBBoBeLMx4K28cW1BEnsZ?from=from_copylink"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.353661"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.353661"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.777507"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-89"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.3"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.4"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.5"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.6"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.7"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.8"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.9"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.10"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.11"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.12"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.13"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.14"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.15"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.16"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.17"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.18"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.19"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.20"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.21"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.22"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.23"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.24"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.25"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.26"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.27"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.28"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.29"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.30"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.31"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.32"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.33"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.34"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.35"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.36"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.37"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.38"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.39"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.40"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.41"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.42"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.43"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.44"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Streamax Crocus", "source": "cna", "vendor": "Shenzhen Ruiming Technology"}, "product": "streamax_crocus", "vendor": "shenzhen_ruiming_technology"}], "analysis": {"en": {"generated_at": "2026-03-27T06:50:47.030981+00:00", "value": {"mitigation_remediation": ["Apply any vendor-released fix or upgrade to a newer, non\u2011vulnerable Streamax Crocus version.", "If no patch is available, restrict network access to the device or block the /RemoteFormat.do endpoint entirely.", "Monitor incoming traffic for suspicious SQL queries or unusual activity on the endpoint.", "Ensure input validation or parameterization is enforced for the State parameter to mitigate injection attempts."], "summary": {"action": "Patch Immediately", "impact": "SQL Injection \u2013 Potential Data Exposure"}, "threat_synthesis": {"affected_systems": "The only version explicitly identified as vulnerable is Shenzhen Ruiming Technology\u2019s Streamax Crocus bis 1.3.44. No other product revisions are currently listed.", "description_and_impact": "The flaw originates in the /RemoteFormat.do endpoint of Streamax Crocus bis 1.3.44. An attacker can manipulate the State parameter so that untrusted input is concatenated into an SQL query, allowing execution of arbitrary statements. This injection can reveal, alter, or delete data in the backend database depending on its privileges, representing a threat to confidentiality, integrity, and possibly availability. The weakness aligns with input validation and SQL injection categories.", "risk_and_exploitability": "The CVSS v3.1 base score of 6.9 indicates a medium severity vulnerability. The description confirms that the attack can be performed remotely, likely without the need for local authentication, and the public disclosure suggests that exploitation is possible. While the Exploit Prediction Scoring System score is not available and the issue is not in the CISA Known Exploited Vulnerabilities list, the presence of public exploits indicates that the flaw may already be abused in the wild. Given these factors, the overall risk is significant, and timely remediation is advised."}}}}, "created": "2026-03-27T08:30:59.489277+00:00", "updated": "2026-03-27T09:22:20.279577+00:00", "vendors": ["shenzhen_ruiming_technology", "shenzhen_ruiming_technology$PRODUCT$streamax_crocus"]}