VDE-2026-056
June 18, 2026, 12:00 PM
The CODESYS Control runtime system provides a user management mechanism with multiple privilege groups including the visualization administrators group, which is intended solely to manage visualization users. Due to insufficient …
VDE-2026-009
May 26, 2026, 9:00 AM
A vulnerability in the REST API of the JUMO device allows an attacker to trigger a denial‑of‑service (DoS) condition. Due to an incorrect implementation of the arrayLimit option in the …
VDE-2026-052
May 21, 2026, 12:00 PM
A vulnerability in the CODESYS Visualization login dialog has been identified. During logins within the CODESYS Visualization, authentication data may not be sufficiently isolated when multiple users perform login operations …
VDE-2026-042
May 12, 2026, 9:00 AM
CODESYS Modbus is an add‑on for the CODESYS Development System that provides a fully integrated Modbus protocol stack along with diagnostic capabilities. A flaw in the CODESYS Modbus TCP Server …
VDE-2026-005
May 6, 2026, 10:00 AM
The Firmware installed on the CR3171 is impacted by various CODESYS vulnerabilities.
VDE-2026-046
June 24, 2026, 12:00 PM
Vulnerable components expose sensitive information to unauthorized actors through an unsecured configuration interface. Vulnerable firmware releases contain an unsecured configuration interface that allows retrieval of sensitive information such as hashed …
VDE-2026-047
June 22, 2026, 12:00 PM
Vulnerable components expose sensitive information to unauthorized actors through an unsecured configuration interface. Vulnerable firmware releases contain an unsecured configuration interface that allows retrieval of sensitive information such as hashed …
VDE-2026-048
June 24, 2026, 12:00 PM
Vulnerable components expose sensitive information to unauthorized actors through an unsecured configuration interface. Vulnerable firmware releases contain an unsecured configuration interface that allows retrieval of sensitive information such as hashed …