Bulletins

CISA (ALL)
07/09/2026

View CSAF

Summary

Successful exploitation of this vulnerability could allow an authenticated attacker to write arbitrary files to the filesystem and escalate this into arbitrary native code execution through the normal OpenPLC program compilation process, potentially resulting in code execution as the OpenPLC runtime user.

The following …

CISA (ALL)
07/09/2026

View CSAF

Summary

Schneider Electric is aware of a vulnerability in its Easergy MiCOM Px40 Series products. The [Easergy MiCOM Px40](https://www.se.com/ww/en/product-subcategory/4725-easergy-micom-px40-series/?filter=business-6-medium-voltage-distribution-and-grid-automation) is a protection relay series for Medium Voltage, High Voltage and Extra High Voltage protection. Failure to apply the mitigations provided below may risk unauthorized exposure of …

SIEMENS CERT
07/09/2026
Multiple SICAM 8 products are affected by multiple vulnerabilities that could lead to denial of service, namely: SICAM A8000 Device firmware CPCI85 for CP-8031/CP-8050 SICORE for CP-8010/CP-8012 SICAM EGS Device firmware CPCI85 SICAM S8000 SICORE Siemens has released new versions for the affected products and recommends to update to the …
CISA (ALL)
07/07/2026

View CSAF

Summary

Hitachi Energy is aware of a buffer overflow vulnerability that affects e-mesh EMS product versions listed in this document. Successful exploitation of this vulnerability could lead to a buffer overflow condition, potentially resulting in application outages (denial of service) and possible arbitrary code execution. Please …

CISA (ALL)
07/07/2026

View CSAF

Summary

Mendix Studio Pro versions before V11.12 are affected by a file parsing vulnerability that could be triggered when the application reads specially crafted malicious project during the build pipeline. This could allow an attacker to execute arbitrary code in the context of that user. Siemens …

CISA (ALL)
07/07/2026

View CSAF

Summary

Successful exploitation of these vulnerabilities could allow an attacker to bypass authentication and gain access to restricted resources, obtain credentials, and inject malicious scripts.

The following versions of Digi International PortServer TS, Digi One SP IA are affected:

  • PortServer TS
  • Digi …
CISA (ALL)
07/07/2026

View CSAF

Summary

Hitachi Energy is aware of insecure HTTP transmission vulnerability in PROMOD V product versions listed in this document. This vulnerability could allow attackers to intercept or manipulate sensitive data in transit, potentially leading to credential theft, session hijacking, or unauthorized access.

The following versions …

CISA (ALL)
07/07/2026

View CSAF

Summary

Successful exploitation of these vulnerabilities could lead to privilege escalation, or result in a denial-of-service attack.

The following versions of Hydro-Québec Le Circuit Electrique charging station backend are affected:

  • Le Circuit Electrique charging station backend
CVSS