Advisories

Für CVSS 2.0, 3.0 und 3.2
VDE-2026-071
Juli 8, 2026, 12:00 nachm.
Multiple products from JUMO are affected by webserver vulnerability "CVE-2013-6786, CVE-2014-9222, CVE-2014-9223. This vulnerability leads to DOS of the device by using a misfortune cookie and reflected XSS attacks.
VDE-2026-051
Juni 17, 2026, 2:00 nachm.
A vulnerability has been identified in ibaPDA and ibaDatCoordinator. The affected applications do not properly restrict the .NET BinaryFormatter when deserializing client-server input. This could allow an attacker to cause …
VDE-2026-038
Juni 16, 2026, 3:00 nachm.
Multiple vulnerabilities have been identified in the TBEN-Lx-SE-M2 firmware prior to version 2.1.2.0 in Managed Ethernet Switches.
VDE-2026-064
Juni 9, 2026, 12:00 nachm.
Multiple vulnerabilities have been discovered in LabX Standard v21.3.22. Most of the vulnerabilities are fixed in LabX Standard v21.4.23. The Vulnerabilities CVE-2025-69419, CVE-2026-0915, CVE-2025-15467 and CVE-2025-58187 are not yet fixed. …
VDE-2026-039
Juli 3, 2026, 3:00 nachm.
The MBS Universal Gateways (UGW-A-Series, UGW-X-Series) connect devices using various digital communication protocols within the field of building automation. Several security vulnerabilities have been identified in the UGW web GUI …
VDE-2026-060
Juni 3, 2026, 12:01 nachm.
VDE-2026-060: A unauthenticated log download vulnerability in the firmware of CHARX SEC-3xxx charging controllers has been discovered.
VDE-2026-044
Mai 27, 2026, 1:00 nachm.
Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
VDE-2026-054
Mai 27, 2026, 1:00 nachm.
Two command injection vulnerabilities have been discovered in MB connect line mbNET/mbNET.rokey/mbNET.mini.