Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2025-3395 | Incorrect Permission Assignment for Critical Resource, Cleartext Storage of Sensitive Information vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0. | 8.4 | 0.01% | 2025-04-30 | 2025-05-28 |
| CVE-2025-9970 | Cleartext Storage of Sensitive Information in Memory vulnerability in ABB MConfig.This issue affects MConfig: through 1.4.9.21. | 5.7 | 0.01% | 2025-10-08 | 2026-04-15 |
| CVE-2026-0936 | An Insertion of Sensitive Information into Log File vulnerability in B&R PVI client versions prior to 6.5 may be abused by an authenticated local attacker to gather credential information which is processed by the PVI client application. The logging function of the PVI client application is disabled by default and must be explicitly enabled by the user. | 5.1 | 0.01% | 2026-01-29 | 2026-04-15 |
| CVE-2025-10504 | Heap-based Buffer Overflow vulnerability in ABB Terra AC wallbox.This issue affects Terra AC wallbox: through 1.8.33. | 6.9 | 0.01% | 2025-09-29 | 2026-04-15 |
| CVE-2025-53190 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | 0.01% | 2025-08-11 | 2025-08-21 |
| CVE-2025-53189 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | 0.01% | 2025-08-11 | 2025-08-21 |
| CVE-2025-53188 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | 0.01% | 2025-08-11 | 2025-08-21 |
| CVE-2025-11043 | An Improper Certificate Validation vulnerability in the OPC-UA client and ANSL over TLS client used in Automation Studio versions before 6.5 could allow an unauthenticated attacker on the network to position themselves to intercept and interfere with data exchanges. | 9.1 | 0.01% | 2026-01-19 | 2026-04-15 |
| CVE-2025-3465 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ABB CoreSense™ HM, ABB CoreSense™ M10.This issue affects CoreSense™ HM: through 2.3.1; CoreSense™ M10: through 1.4.1.12. | 8.2 | 0.01% | 2025-10-20 | 2026-04-15 |
| CVE-2025-12143 | Stack-based Buffer Overflow vulnerability in ABB Terra AC wallbox.This issue affects Terra AC wallbox: through 1.8.33. | 6.9 | 0.01% | 2025-11-28 | 2026-04-15 |
| CVE-2025-12142 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in ABB Terra AC wallbox.This issue affects Terra AC wallbox: through 1.8.33. | 6.9 | 0.01% | 2025-10-29 | 2026-04-15 |
| CVE-2025-10205 | Use of a One-Way Hash with a Predictable Salt vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3.5. and newer versions | 8.7 | 0.01% | 2025-09-17 | 2026-04-15 |
| CVE-2024-47784 | Unverified Password Change for ANC software that allows an authenticated attacker to bypass the old Password check in the password change form via a web HMI This issue affects ANC software version 1.1.4 and earlier. | 2.1 | 0.01% | 2025-04-30 | 2026-04-15 |
| CVE-2025-53191 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | 0.02% | 2025-08-11 | 2025-08-21 |
| CVE-2025-7064 | Authentication bypass by primary weakness vulnerability in ABB Freelance. This issue affects Freelance: through 2013, 2013 SP1, 2016, 2016 SP1, 2019, 2019 SP1, 2019 SP1 FP1, 2024. | 5.6 | 0.02% | 2026-06-11 | 2026-06-11 |
| CVE-2024-48842 | Use of Hard-coded Credentials vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3.5 and newer versions | 7.3 | 0.02% | 2025-09-17 | 2026-04-15 |
| CVE-2025-4675 | Improper Check for Unusual or Exceptional Conditions vulnerability in ABB WebPro SNMP Card PowerValue, ABB WebPro SNMP Card PowerValue UL.This issue affects WebPro SNMP Card PowerValue: through 1.1.8.K; WebPro SNMP Card PowerValue UL: through 1.1.8.K. | 7.1 | 0.02% | 2026-01-07 | 2026-04-15 |
| CVE-2025-3756 | A vulnerability exists in the command handling of the IEC 61850 communication stack included in the product revisions listed as affected in this CVE. An attacker with access to IEC 61850 networks could exploit the vulnera bility by using a specially crafted 61850 packet, forcing the communication interfaces of the PM 877, CI850 and CI868 modules into fault mode or causing unavailability of the S+ Operations 61850 connectivity, resulting in a denial-of-service situation. The System 800xA IEC | 7.1 | 0.02% | 2026-04-13 | 2026-05-19 |
| CVE-2025-14510 | Incorrect Implementation of Authentication Algorithm vulnerability in ABB ABB Ability OPTIMAX.This issue affects ABB Ability OPTIMAX: 6.1, 6.2, from 6.3.0 before 6.3.1-251120, from 6.4.0 before 6.4.1-251120. | 9.2 | 0.02% | 2026-01-16 | 2026-04-15 |
| CVE-2025-3449 | A Generation of Predictable Numbers or Identifiers vulnerability in the SDM component of B&R Automation Runtime versions before 6.4 may allow an unauthenticated network-based attacker to take over already established sessions. | 2.3 | 0.02% | 2025-10-07 | 2026-04-15 |