| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-35225 | Improper timeout handling in CODESYS EtherNetIP | CODESYS | CODESYS EtherNetIP | - | - | 2026-04-23 13:54:52 | Deep Dive |
| CVE-2026-3509 | CODESYS Control Audit Log Format String DoS | CODESYS | CODESYS Control RTE (SL) | High | 7.5 | 2026-03-24 07:42:34 | Deep Dive |
| CVE-2025-41660 | CODESYS Control Boot Application Replacement Enables Code Execution | CODESYS | CODESYS Control RTE (SL) | High | 8.8 | 2026-03-24 07:41:43 | Deep Dive |
| CVE-2026-2364 | CODESYS Installer TOCTOU Privilege Escalation | CODESYS | CODESYS Installer | High | 7.3 | 2026-03-10 07:22:43 | Deep Dive |
| CVE-2025-41700 | CODESYS Development System - Deserialization of Untrusted Data | CODESYS | CODESYS Development System | High | 7.8 | 2025-12-01 10:02:47 | Deep Dive |
| CVE-2025-41738 | CODESYS Control - Invalid type usage in visualization | CODESYS | CODESYS Control RTE (SL) | High | 7.5 | 2025-12-01 10:02:33 | Deep Dive |
| CVE-2025-41739 | CODESYS Control - Linux/QNX SysSocket flaw | CODESYS | CODESYS PLCHandler | Medium | 5.9 | 2025-12-01 10:00:44 | Deep Dive |
| CVE-2025-41691 | CODESYS Control DoS via Unauthenticated NULL Pointer Dereference | CODESYS | Control RTE (SL) | High | 7.5 | 2025-08-04 08:04:35 | Deep Dive |
| CVE-2025-41659 | CODESYS Control PKI Exposure Enables Remote Certificate Access | CODESYS | Control RTE (SL) | High | 8.3 | 2025-08-04 08:04:05 | Deep Dive |
| CVE-2025-41658 | CODESYS Toolkit Exposes Sensitive Files via Default Permissions | CODESYS | Runtime Toolkit | Medium | 5.5 | 2025-08-04 08:03:27 | Deep Dive |
| CVE-2025-2595 | Forced Browsing Vulnerability in CODESYS Visualization | CODESYS | CODESYS Visualization | Medium | 5.3 | 2025-04-23 07:54:00 | Deep Dive |
| CVE-2024-41975 | CODESYS (Edge) Gateway for Windows insecure default | CODESYS | CODESYS Edge Gateway | Medium | 5.3 | 2025-03-18 11:04:26 | Deep Dive |
| CVE-2025-0694 | CODESYS Control V3 removable media path traversal | CODESYS | CODESYS Control for BeagleBone SL | Medium | 6.6 | 2025-03-18 11:04:06 | Deep Dive |
| CVE-2025-1468 | CODESYS Control V3 - OPC UA Server Authentication bypass | CODESYS | CODESYS Runtime Toolkit | High | 7.5 | 2025-03-18 11:03:18 | Deep Dive |
| CVE-2024-8175 | CODESYS: web server vulnerable to DoS | CODESYS | CODESYS Control for BeagleBone SL | High | 7.5 | 2024-09-25 08:04:23 | Deep Dive |
| CVE-2024-6876 | Out-of-bounds read in OSCAT-Library | oscat.de | OSCAT Basic Library | Medium | 4.4 | 2024-09-10 15:08:16 | Deep Dive |
| CVE-2023-5751 | CODESYS: Development system prone to DoS through exposure of resource to wrong sphere | CODESYS | CODESYS Control Win (SL) | High | 7.8 | 2024-06-04 08:54:22 | Deep Dive |
| CVE-2024-5000 | CODESYS: Incorrect calculation of buffer size can cause DoS on CODESYS OPC UA products | CODESYS | CODESYS Control for BeagleBone SL | High | 7.5 | 2024-06-04 08:54:07 | Deep Dive |
| CVE-2023-49676 | CODESYS: Use after free vulnerability through corrupted project files | CODESYS | CODESYS Development System V2.3 | Medium | 5.5 | 2024-05-06 11:09:34 | Deep Dive |
| CVE-2023-49675 | CODESYS: Out-of-bounds write through corrupted project files | CODESYS | CODESYS Development System V2.3 | High | 7.8 | 2024-05-06 11:09:18 | Deep Dive |