KVM CVEs

Where we at with these updates for those not wanting to run beta software on their devices?

For those reading, if you have these behind a firewall you are fine (the big concern would be if you already have an attacker on your internal network). The UART isn't even something I would be worried about unless they have physical access to your device.

Also, I'm sure there are some people out there directly exposing these things to the internet. Please don't do that, it is 2026. Tailscale works very well.

Precisely why I don’t allow the RM-1 to directly access the internet or use their cloud connect.

I have mine disabled; I would only enable it if a GL agent/employee wants to check something.

Otherwise I use my own WireGuard server tunnel, so it is only accessible within the tunnel connection. :grinning_face:

The information in this link is incorrect. We released firmware version 1.7.2 to fix CVE-2026-32293 and CVE-2026-32292 back in October of last year. https://www.cve.org/CVERecord?id=CVE-2026-32293

CVE-2026-32291: Hackers must possess your physical device

CVE-2026-32290: Hackers must first compromise the firmware server, but our firmware server is protected by a professional security service provider.

Of course, we will release firmware updates to fix these two legacy CVEs within the next two days.

Will be fixed in 1.8.2.

RM1/RM10 1.8.2 has been released.

RM1PE will also be released in a few hours.