Advisories

For CVSS 2.0, 3.0 and 3.2
VDE-2026-063
July 14, 2026, 1:00 PM
Multiple Murrelektronik network-enabled devices respond to SNMPv2c 'GETBULK' requests with disproportionately large response packets when the requesting party specifies a large max-repetitions value. This response amplification allows the affected devices …
VDE-2026-062
July 14, 2026, 12:00 PM
Several Murrelektronik devices using Profinet are shipped with the default SNMP community names ('public' for read access and 'private' for write access). If these community strings remain unchanged in the …
VDE-2026-066
July 14, 2026, 12:00 PM
This update deploys cumulative Microsoft Windows security patches through March 2026 for LTSB 2016, LTSC 2019, and LTSC 2021.
VDE-2026-040
July 13, 2026, 12:00 PM
CODESYS EtherNet/IP is an add‑on for the CODESYS Development System that provides a fully integrated EtherNet/IP protocol stack along with diagnostic capabilities. A flaw in the EtherNet/IP adapter protocol stack …
VDE-2026-031
July 13, 2026, 9:00 AM
Certain devices in the WAGO System I/O Field series enable an internal diagnostic capability during the initial stages of system startup. This behavior, which is not part of the publicly …
VDE-2026-049
June 30, 2026, 12:00 PM
Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
VDE-2026-068
June 23, 2026, 1:00 PM
There is a vulnerability in mbCONNECT24/mymbCONNECT24 that allows an authenticated remote attacker to access a hidden configuration method, that should not be accessible by any user, to modify critical program …
VDE-2026-070
June 23, 2026, 2:00 PM
There is a vulnerability in myREX24V2/myREX24V2.virtual that allows an authenticated remote attacker to access a hidden configuration method, that should not be accessible by any user, to modify critical program …