Advisories

Für CVSS 2.0, 3.0 und 3.2
VDE-2026-040
Juli 13, 2026, 12:00 nachm.
CODESYS EtherNet/IP is an add‑on for the CODESYS Development System that provides a fully integrated EtherNet/IP protocol stack along with diagnostic capabilities. A flaw in the EtherNet/IP adapter protocol stack …
VDE-2026-031
Juli 13, 2026, 9:00 vorm.
Certain devices in the WAGO System I/O Field series enable an internal diagnostic capability during the initial stages of system startup. This behavior, which is not part of the publicly …
VDE-2026-049
Juni 30, 2026, 12:00 nachm.
Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
VDE-2026-068
Juni 23, 2026, 1:00 nachm.
There is a vulnerability in mbCONNECT24/mymbCONNECT24 that allows an authenticated remote attacker to access a hidden configuration method, that should not be accessible by any user, to modify critical program …
VDE-2026-070
Juni 23, 2026, 2:00 nachm.
There is a vulnerability in myREX24V2/myREX24V2.virtual that allows an authenticated remote attacker to access a hidden configuration method, that should not be accessible by any user, to modify critical program …
VDE-2026-071
Juli 8, 2026, 12:00 nachm.
Multiple products from JUMO are affected by webserver vulnerability "CVE-2013-6786, CVE-2014-9222, CVE-2014-9223. This vulnerability leads to DOS of the device by using a misfortune cookie and reflected XSS attacks.
VDE-2026-051
Juni 17, 2026, 2:00 nachm.
A vulnerability has been identified in ibaPDA and ibaDatCoordinator. The affected applications do not properly restrict the .NET BinaryFormatter when deserializing client-server input. This could allow an attacker to cause …
VDE-2026-038
Juni 16, 2026, 3:00 nachm.
Multiple vulnerabilities have been identified in the TBEN-Lx-SE-M2 firmware prior to version 2.1.2.0 in Managed Ethernet Switches.