Moole Vulnerability Database

Find real vulnerabilities before they ship

High

CVE-2026-33583

Exposure of the QKEY (used as input into the ‘OTA-Quantum’ device registration process) and internal system keys via an unauthenticated and unencrypted HTTP GET method in the Arqit Symmetric Key Agreement Platform. This issue affects Symmetric Key Agreement Platform: before 26.03.

VectorNETWORK

PublishedMay 13, 2026, 19:17

Published Bya6d3dc9e-0591-4a13-bce7-0f5b31ff6158

Base Score

Score8.7

Affected Versions

No affected versions found.

References

https://www.cvcn.gov.it/cvcn/cve/CVE-2026-33583

Weakness Type

CWE-749

CVSS Metrics

Base Score

8.7

Vector String

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

Base SeverityHigh

Version

3.1

Attack Vector (AV)

NETWORK