CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source): [email protected]

Showing 120 of 746 results
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2025-41743 | Insufficient encryption strength in Sprecher Automation SPRECON-E-C, SPRECON-E-P, and SPRECON-E-T3 allows a local unprivileged attacker to extract data from update images and thus obtain limited information about the architecture and internal processes. | 4.0 | 0.01% | 2025-12-02 | 2026-02-23 |
| CVE-2022-50980 | An unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via CAN. | 6.5 | 0.01% | 2026-02-02 | 2026-04-15 |
| CVE-2022-50979 | An unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus (RS485). | 6.5 | 0.01% | 2026-02-02 | 2026-04-15 |
| CVE-2022-50976 | A local attacker could cause a full device reset by resetting the device passwords using an invalid reset file via USB. | 7.7 | 0.01% | 2026-02-02 | 2026-04-15 |
| CVE-2025-41762 | An unauthenticated attacker can abuse the weak hash of the backup generated by the wwwdnload.cgi endpoint to gain unauthorized access to sensitive data, including password hashes and certificates. | 6.2 | 0.01% | 2026-03-09 | 2026-03-11 |
| CVE-2026-44469 | The affected product extracts installation files to a temporary directory with incorrect default permissions during administrative installation. A low-privileged local attacker can exploit a TOCTOU race condition with a practical time window to replace verified files with malicious ones before installation, resulting in local privilege escalation. | 8.5 | 0.01% | 2026-05-26 | 2026-05-28 |
| CVE-2026-44468 | The affected product creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary file defining the components to be installed, enabling local privilege escalation by forcing the deployment of arbitrary components. | 8.5 | 0.01% | 2026-05-26 | 2026-05-28 |
| CVE-2026-2364 | If a legitimate user confirms a self-update prompt or initiates an installation of a CODESYS Development System, a low-privileged local attacker can gain elevated rights due to a TOCTOU vulnerability in the CODESYS installer. | 7.3 | 0.01% | 2026-03-10 | 2026-03-11 |
| CVE-2025-41647 | A local, low-privileged attacker can learn the password of the connected controller in PLC Designer V4 due to an incorrect implementation that results in the password being displayed in plain text under special conditions. | 5.5 | 0.01% | 2025-06-25 | 2026-04-15 |
| CVE-2024-23942 | A local user may find a configuration file on the client workstation with unencrypted sensitive data. This allows an attacker to impersonate the device or prevent the device from accessing the cloud portal, which leads to a DoS. | 7.1 | 0.01% | 2025-03-18 | 2026-04-15 |
| CVE-2025-41731 | A vulnerability was identified in the password generation algorithm when accessing the debug interface. An unauthenticated local attacker with knowledge of the password generation timeframe might be able to brute force the password in a timely manner and thus gain root access to the device if the debug interface is still enabled. | 7.4 | 0.01% | 2025-11-10 | 2026-04-15 |
| CVE-2025-41755 | A low-privileged remote attacker can exploit the ubr-logread method in wwwubr.cgi to read arbitrary files on the system. The endpoint accepts a parameter specifying the log file to open (e.g., /tmp/weblog{some_number}), but this parameter is not properly validated, allowing an attacker to modify it to reference any file and retrieve its contents. | 6.5 | 0.02% | 2026-03-09 | 2026-03-11 |
| CVE-2025-41696 | An attacker can use an undocumented UART port on the PCB as a side-channel with the user hardcoded credentials obtained from CVE-2025-41692 to gain read access to parts of the filesystem of the device. | 4.6 | 0.02% | 2025-12-09 | 2025-12-19 |
| CVE-2023-5872 | In Wago Smart Designer in versions up to 2.33.1, a low-privileged remote attacker may enumerate projects and usernames through iterative requests to a specific endpoint. | 4.3 | 0.02% | 2026-04-16 | 2026-04-17 |
| CVE-2026-22320 | A stack-based buffer overflow in the CLI's TFTP file-transfer command handling allows a low-privileged attacker with Telnet/SSH access to trigger memory corruption by supplying unexpected or oversized filename input. Exploitation results in the corruption of the internal buffer, causing the CLI and web dashboard to become unavailable and leading to a denial of service. | 6.5 | 0.02% | 2026-03-18 | 2026-03-18 |
| CVE-2026-22319 | A stack-based buffer overflow in the device's file installation workflow allows a high-privileged attacker to send oversized POST parameters that overflow a fixed-size stack buffer within an internal process, resulting in a DoS attack. | 4.9 | 0.02% | 2026-03-18 | 2026-03-18 |
| CVE-2026-22318 | A stack-based buffer overflow vulnerability in the device's file transfer parameter workflow allows a high-privileged attacker to send oversized POST parameters, causing memory corruption in an internal process, resulting in a DoS attack. | 4.9 | 0.02% | 2026-03-18 | 2026-03-18 |
| CVE-2025-41727 | A local low-privileged attacker can bypass the authentication of the Device Manager user interface, allowing them to perform privileged operations and gain administrator access. | 7.8 | 0.02% | 2026-01-27 | 2026-04-15 |
| CVE-2026-22321 | A stack-based buffer overflow in the device's Telnet/SSH CLI login routine occurs when an unauthenticated attacker sends an oversized or unexpected username input. An overflow condition crashes the thread handling the login attempt, forcing the session to close. Because other CLI sessions remain unaffected, the impact is limited to a low-severity availability disruption. | 5.3 | 0.02% | 2026-03-18 | 2026-03-18 |
| CVE-2025-41720 | A low-privileged remote attacker can upload arbitrary data masked as a png file to the affected device using the webserver API because only the file extension is verified. | 4.3 | 0.02% | 2025-10-22 | 2026-04-15 |
cvelogic Threat Intelligence