{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T00:45:03.033","vulnerabilities":[{"cve":{"id":"CVE-2025-59452","sourceIdentifier":"cve@mitre.org","published":"2025-10-06T20:15:36.937","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The YoSmart YoLink API through 2025-10-02 uses an endpoint URL that is derived from a device's MAC address along with an MD5 hash of non-secret information, such as a key that begins with cf50."}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-340"}]}],"references":[{"url":"https://bishopfox.com/blog/advisories","source":"cve@mitre.org"},{"url":"https://bishopfox.com/blog/how-a-20-smart-device-gave-me-access-to-your-home","source":"cve@mitre.org"},{"url":"https://shop.yosmart.com/pages/product-support","source":"cve@mitre.org"},{"url":"https://shop.yosmart.com/pages/sa-2025-001","source":"cve@mitre.org"}]}}]}