This list aggregates NVD, CVE and multi-source threat feeds and analyses high-risk vulnerability classes such as RCE. It combines CVSS severity with EPSS exploitation probability and tracks public exploit and PoC availability to estimate real-world exploitability, and links each entry to official patches and remediation guidance so that vulnerability-management work can be prioritised and response cycles shortened.
Assigner (CNA / source): [email protected]
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2026-33615 | An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the setinfo endpoint due to improper neutralization of special elements in a SQL UPDATE command. This can result in a total loss of integrity and availability. | 9.1 | 0.41% | 2026-04-02 | 2026-06-17 |
| CVE-2026-33614 | An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getinfo endpoint due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. | 7.5 | 0.34% | 2026-04-02 | 2026-06-17 |
| CVE-2026-33613 | Due to the improper neutralisation of special elements used in an OS command, a remote attacker can exploit an RCE vulnerability in the generateSrpArray function, resulting in full system compromise. This vulnerability can only be attacked if the attacker has some other way to write arbitrary data to the user table. | 7.2 | 0.50% | 2026-04-02 | 2026-06-17 |
| CVE-2026-2328 | An unauthenticated remote attacker can exploit insufficient input validation to access backend components beyond their intended scope via path traversal, resulting in exposure of sensitive information. | 7.5 | 0.31% | 2026-03-30 | 2026-06-17 |
| CVE-2026-3509 | An unauthenticated remote attacker may be able to control the format string of messages processed by the Audit Log of the CODESYS Control runtime system, potentially resulting in a denial‑of‑service (DoS) condition. | 7.5 | 0.35% | 2026-03-24 | 2026-06-17 |
| CVE-2025-41660 | A low-privileged remote attacker may be able to replace the boot application of the CODESYS Control runtime system, enabling unauthorized code execution. | 8.8 | 0.43% | 2026-03-24 | 2026-06-17 |
| CVE-2026-32969 | An unauthenticated remote attacker can exploit a Pre-Auth blind SQL Injection vulnerability in the userinfo endpoint’s authentication method due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. | 7.5 | 0.44% | 2026-03-23 | 2026-06-17 |
| CVE-2026-32968 | Due to the improper neutralisation of special elements used in an OS command, an unauthenticated remote attacker can exploit an RCE vulnerability in the com_mb24sysapi module, resulting in full system compromise. This vulnerability is a variant attack for CVE-2020-10383. | 9.8 | 0.55% | 2026-03-23 | 2026-06-17 |
| CVE-2026-3587 | An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface, leading to full compromise of the device. | 10.0 | 0.68% | 2026-03-23 | 2026-06-17 |
| CVE-2026-22323 | A CSRF vulnerability in the Link Aggregation configuration interface allows an unauthenticated remote attacker to trick authenticated users into sending unauthorized POST requests to the device by luring them to a malicious webpage. This can silently alter the device’s configuration without the victim’s knowledge or consent. Availability impact was set to low because after a successful attack the device will automatically recover without external intervention. | 7.1 | 0.18% | 2026-03-18 | 2026-06-17 |
| CVE-2026-22322 | A stored cross‑site scripting (XSS) vulnerability in the Link Aggregation configuration interface allows an unauthenticated remote attacker to create a trunk entry containing malicious HTML/JavaScript code. When the affected page is viewed, the injected script executes in the context of the victim’s browser, enabling unauthorized actions such as interface manipulation. The session cookie is secured by the httpOnly Flag. Therefore an attacker is not able to take over the session of an authenticat | 7.1 | 0.25% | 2026-03-18 | 2026-06-17 |
| CVE-2026-22321 | A stack-based buffer overflow in the device's Telnet/SSH CLI login routine occurs when an unauthenticated attacker sends an oversized or unexpected username input. An overflow condition crashes the thread handling the login attempt, forcing the session to close. Because other CLI sessions remain unaffected, the impact is limited to a low-severity availability disruption. | 5.3 | 0.37% | 2026-03-18 | 2026-06-17 |
| CVE-2026-22320 | A stack-based buffer overflow in the CLI's TFTP file‑transfer command handling allows a low-privileged attacker with Telnet/SSH access to trigger memory corruption by supplying unexpected or oversized filename input. Exploitation results in the corruption of the internal buffer, causing the CLI and web dashboard to become unavailable and leading to a denial of service. | 6.5 | 0.32% | 2026-03-18 | 2026-06-17 |
| CVE-2026-22319 | A stack-based buffer overflow in the device's file installation workflow allows a high-privileged attacker to send oversized POST parameters that overflow a fixed-size stack buffer within an internal process, resulting in a DoS attack. | 4.9 | 0.34% | 2026-03-18 | 2026-06-17 |
| CVE-2026-22318 | A stack-based buffer overflow vulnerability in the device's file transfer parameter workflow allows a high-privileged attacker to send oversized POST parameters, causing memory corruption in an internal process, resulting in a DoS attack. | 4.9 | 0.34% | 2026-03-18 | 2026-06-17 |
| CVE-2026-22317 | A command injection vulnerability in the device’s Root CA certificate transfer workflow allows a high-privileged attacker to send crafted HTTP POST requests that result in arbitrary command execution on the underlying Linux OS with root privileges. | 7.2 | 1.00% | 2026-03-18 | 2026-06-17 |
| CVE-2026-22316 | A remote attacker with user privileges for the webUI can use the setting of the TFTP filename with a POST request to trigger a stack-based buffer overflow, resulting in a DoS attack. | 6.5 | 0.38% | 2026-03-18 | 2026-06-17 |
| CVE-2025-41712 | An unauthenticated remote attacker who tricks a user into uploading a manipulated HTML file can get access to sensitive information on the device. This is a result of incorrect permission assignment for the web server. | 6.5 | 0.39% | 2026-03-10 | 2026-06-17 |
| CVE-2025-41711 | An unauthenticated remote attacker can use firmware images to extract password hashes and brute force plaintext passwords of accounts with limited access. | 5.3 | 0.31% | 2026-03-10 | 2026-06-17 |
| CVE-2025-41710 | An unauthenticated remote attacker may use hardcoded credentials to get access to the previously activated FTP server with limited read and write privileges. | 6.5 | 0.39% | 2026-03-10 | 2026-06-17 |
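The introduction describes ranking entries by combining CVSS with EPSS and exploitability signals. The Python below is an added example, not code from the vulnerability database behind this page: it parses rows in the table format used above (the embedded sample is a constructed subset of the rows, with descriptions shortened), converts EPSS from a percentage to a probability, infers pre-auth reachability and a rough vulnerability class from the description text, and sorts by an assumed tiering policy. The `EPSS_HOT` threshold, the CVSS cut-offs and the keyword lists are all assumptions, not rules the page states.

```python
"""Triage helper for a CVE table like the one above.

Added example, not code from the vulnerability database that produced this
page. It parses markdown rows, converts EPSS from percent to probability,
derives 'pre-auth' and a rough vulnerability class from the description text,
and ranks entries by an assumed policy combining reachability, CVSS and EPSS.
"""
import re
from dataclasses import dataclass

# Constructed sample: five rows from the table above with descriptions shortened.
SAMPLE_TABLE = """\
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2026-33615 | An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the setinfo endpoint (SQL UPDATE command). | 9.1 | 0.41% | 2026-04-02 | 2026-06-17 |
| CVE-2026-33613 | Due to the improper neutralisation of special elements used in an OS command, a remote attacker can exploit an RCE vulnerability in the generateSrpArray function. | 7.2 | 0.50% | 2026-04-02 | 2026-06-17 |
| CVE-2026-3587 | An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface, leading to full compromise of the device. | 10.0 | 0.68% | 2026-03-23 | 2026-06-17 |
| CVE-2026-22317 | A command injection vulnerability in the device's Root CA certificate transfer workflow allows a high-privileged attacker to execute arbitrary commands as root. | 7.2 | 1.00% | 2026-03-18 | 2026-06-17 |
| CVE-2026-22319 | A stack-based buffer overflow in the device's file installation workflow allows a high-privileged attacker to cause a DoS. | 4.9 | 0.34% | 2026-03-18 | 2026-06-17 |
"""

# One data row: | CVE-id | description | cvss | epss% | published | updated |
ROW_RE = re.compile(
    r"^\|\s*(CVE-\d{4}-\d{4,})\s*\|(.*?)\|\s*(\d+(?:\.\d+)?)\s*\|"
    r"\s*(\d+(?:\.\d+)?)%\s*\|\s*(\d{4}-\d{2}-\d{2})\s*\|"
)

# Keyword heuristic over the description text, checked in this order (assumed).
# A real pipeline would use the CWE and the CVSS vector (PR:N for pre-auth).
CLASS_KEYWORDS = (
    ("sql injection", ("sql injection",)),
    ("command injection", ("os command", "command injection", "command execution")),
    ("memory corruption", ("buffer overflow",)),
    ("csrf", ("csrf",)),
    ("xss", ("cross-site scripting", "xss")),
    ("path traversal", ("path traversal",)),
    ("format string", ("format string",)),
)

EPSS_HOT = 0.10  # assumed: a 30-day exploitation probability >= 10% always goes to tier 1


@dataclass
class Finding:
    cve: str
    description: str
    cvss: float
    epss: float  # probability in [0, 1], i.e. the table's percentage / 100
    published: str

    @property
    def pre_auth(self) -> bool:
        # Matches "an unauthenticated remote attacker"; the phrase "authenticated
        # users" on its own (e.g. a CSRF victim) does not make a row pre-auth.
        return "unauthenticated" in self.description.lower()

    @property
    def vuln_class(self) -> str:
        text = self.description.lower().replace("\u2011", "-")  # page uses U+2011 in "cross-site"
        for label, needles in CLASS_KEYWORDS:
            if any(n in text for n in needles):
                return label
        return "other"


def parse_rows(table: str) -> list:
    """Return a Finding per data row; header and separator rows are skipped."""
    findings = []
    for line in table.splitlines():
        m = ROW_RE.match(line)
        if not m:
            continue
        cve, desc, cvss, epss_pct, published = m.groups()
        findings.append(Finding(cve, desc.strip(), float(cvss), float(epss_pct) / 100.0, published))
    return findings


def tier(f: Finding) -> int:
    """Assumed triage policy: 1 = patch now, 2 = this week, 3 = next cycle, 4 = routine."""
    if f.epss >= EPSS_HOT:
        return 1
    if f.pre_auth and f.cvss >= 9.0:
        return 1
    if f.pre_auth and f.cvss >= 7.0:
        return 2
    if f.cvss >= 7.0:
        return 3
    return 4


def rank(findings) -> list:
    """Order by tier, then EPSS, then CVSS: EPSS separates entries CVSS alone cannot."""
    return sorted(findings, key=lambda f: (tier(f), -f.epss, -f.cvss))


def report(findings) -> list:
    """One printable line per finding, in ranked order."""
    return [
        f"T{tier(f)} {f.cve:<15} CVSS {f.cvss:>4} EPSS {f.epss:.2%} "
        f"{'pre-auth ' if f.pre_auth else 'auth     '}{f.vuln_class}"
        for f in rank(findings)
    ]


if __name__ == "__main__":
    print("\n".join(report(parse_rows(SAMPLE_TABLE))))
```

Run on the sample, the two 7.2-rated command injections separate on EPSS: the post-auth Root CA workflow issue (1.00%) sorts above generateSrpArray (0.50%), a distinction CVSS alone cannot make. The `unauthenticated` keyword check is only a stand-in for the Privileges Required metric; where the feed supplies the CVSS vector, use `PR:N` from the vector instead of the description text.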