CVE-2026-2250 — The /dbviewer/ web endpoint in METIS WIC devices is exposed without authentication. A remote attacker can access and export the internal telemetry SQLite database containing sensitive operational data — CVE Database · The Intelligence Room