VDE-2026-021
März 30, 2026, 9:00 vorm.
The VC Hub incorporates the Magick.NET‑Q16‑AnyCPU component, derived from ImageMagick, to process user‑uploaded images and generate thumbnails within the projects image library. Only authenticated users with the Design Project Permission …
VDE-2026-018
März 24, 2026, 9:00 vorm.
The CODESYS Control runtime system's CmpAuditLog component allows potentially unauthenticated remote attackers to control the format string of processed log messages. Due to the internal processing logic, the impact is …
VDE-2026-011
März 24, 2026, 9:00 vorm.
The CODESYS Control runtime system provides a user management mechanism with multiple privilege groups. While only the privileged Administrators and Developer groups are intended to load or debug applications on …
VDE-2026-024
März 23, 2026, 1:00 nachm.
Multiple vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24 that could allow unauthenticated RCE or SQLi.
VDE-2026-025
März 23, 2026, 1:00 nachm.
Multiple vulnerabilities have been discovered in Helmholz myREX24V2 / myREX24V2.virtual that could allow unauthenticated RCE or SQLi.
VDE-2026-020
März 23, 2026, 9:00 vorm.
A vulnerability has been found affecting the Managed Switches of WAGO. An unauthenticated attacker can fully compromise the device via an undocumented function.
VDE-2025-104
März 18, 2026, 9:00 vorm.
Multiple vulnerabilities have been identified in the FL SWITCH 2xxx, FL SWITCH TSN 23xx and FL SWITCH 59xx firmware prior to version 3.53. One of these (CVE-2026-22317) enables an attacker …
VDE-2026-015
März 11, 2026, 12:00 nachm.
Vulnerabilities in WALL IE devices with firmware <= V1.10.210 that allow an attacker to gain control over the device.