VDE-2026-071
Juni 23, 2026, 12:00 nachm.
Multiple products from JUMO are affected by webserver vulnerability "CVE-2013-6786, CVE-2014-9222, CVE-2014-9223. This vulnerability leads to DOS of the device by using a misfortune cookie and reflected XSS attacks.
VDE-2026-009
Mai 26, 2026, 9:00 vorm.
A vulnerability in the REST API of the JUMO device allows an attacker to trigger a denial‑of‑service (DoS) condition. Due to an incorrect implementation of the arrayLimit option in the …
VDE-2025-086
Nov. 10, 2025, 12:00 nachm.
A vulnerability was identified in the variTRON password generation algorithm of the debug-interface. The PRNG is initialized with the current Unix Timestamp, thus the resulting password is predictable. With the …