Sensitive Information Exposure in Mesalvo Meona Components
CVE-2026-0857

6MEDIUM

Key Information:

Vendor: Mesalvo
Status: Meona Client Launcher Component; Meona Server Component
Vendor: CVE Published:; 20 May 2026

What is CVE-2026-0857?

The Mesalvo Meona Client Launcher and Server Components are susceptible to a vulnerability that allows for the cleartext storage of sensitive data in memory. This poses a risk as unauthorized actors may gain access to confidential information stored during execution. Users of the affected versions should review their system configurations and consider implementing security best practices to mitigate potential data exposure.

Affected Version(s)

Meona Client Launcher Component 0 <= 19.06.2020 15:11:49

Meona Server Component 0 <= 2025.04 5+323020

References

https://seccore.at/blog/cves-meona/

third-party-advisory

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2026
Vulnerability Reserved
Jan 12, 2026

CVE-2026-0857 Data

JSON