siemens

2,361 tracked vulnerabilities.

CVE-2026-54801 HIGH
Siemens CPCI85 Central Processing/Communication - Unverified Password Change
Jul 09, 2026
CVSS 7.2
EPSS 0.00
CVE-2026-54800 MEDIUM
Siemens CPCI85 Central Processing/Communication - Initialization of a Resource with an Insecure Default
Jul 09, 2026
CVSS 4.8
EPSS 0.00
CVE-2026-54799 MEDIUM
Siemens CPCI85 Central Processing/Communication - Active Debug Code
Jul 09, 2026
CVSS 6.7
EPSS 0.00
CVE-2026-54798 MEDIUM
Siemens CPCI85 Central Processing/Communication - Active Debug Code
Jul 09, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-48192 MEDIUM
Siemens Mendix Studio Pro 10.11 - Improper Control of Generation of Code ('Code Injection')
Jun 30, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-46749 HIGH
Siemens Sinec Ins < V1.0 SP2 Update 6 - Use of a One-Way Hash with a Predictable Salt
Jun 09, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-46748 HIGH
Siemens Sinec Ins < V1.0 SP2 Update 6 - Execution with Unnecessary Privileges
Jun 09, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-46747 MEDIUM
Siemens Sinec Ins < V1.0 SP2 Update 6 - Path Traversal: '/dir/../filename'
Jun 09, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-46746 HIGH
Siemens Sinec Ins < V1.0 SP2 Update 6 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Jun 09, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-24349 HIGH
Siemens Simatic WinCC Unified PC Runtime V16 - Cleartext Storage in a File or on Disk
Jun 09, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-41918 MEDIUM
Siemens Ruggedcom RST2428P < V4.0 - Use of Web Browser Cache Containing Sensitive Information
Jun 02, 2026
CVSS 5.7
EPSS 0.00
CVE-2026-0257 CRITICAL KEVNUCLEI
PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities
May 13, 2026
CVSS 9.1
EPSS 0.87
CVE-2026-42177 MEDIUM
linux-entra-sso: PRT SSO cookie can leak to attacker-controlled hosts when broad host permissions are granted
May 12, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-44412 HIGH
Siemens Solid Edge SE2026 < V226.0 Update 5 - Stack-based Buffer Overflow in PAR File Parser
May 12, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-44411 HIGH
Solid Edge SE2026 < V226.0 Update 5 - Remote Code Execution via Crafted PAR File Parsing
May 12, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-41551 CRITICAL
Siemens ROS# < V2.2.2 - Path Traversal via Unsanitized User Input
May 12, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-41125 MEDIUM
Siemens Blueplanet 100 NX3 M8 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
May 12, 2026
CVSS 6.0
EPSS 0.00
CVE-2026-33893 HIGH
Siemens Teamcenter Hard-coded Credentials Vulnerability
May 12, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-33862 HIGH
Siemens Teamcenter V2312 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
May 12, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-27662 HIGH
Siemens Simatic Hmi MTP1000 Unified Comfort Panel - Initialization of a Resource with an Insecure Default
May 12, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-25789 HIGH
Siemens Simatic Drive Controller Cpu 1504D TF - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
May 12, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-25787 CRITICAL
Siemens Simatic Drive Controller Cpu 1504D TF - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
May 12, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-25786 CRITICAL
Siemens Simatic Drive Controller Cpu 1504D TF - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
May 12, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-22925 HIGH
Siemens Simatic CN 4100 < V5.0 - Allocation of Resources Without Limits or Throttling
May 12, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-22924 CRITICAL
SIMATIC CN 4100 < V5.0 - Unauthenticated Resource Exhaustion
May 12, 2026
CVSS 9.1
EPSS 0.00