  • certvde@infosec.exchange
    #OT #Advisory VDE-2026-018
    CODESYS Control V3 - Externally-controlled format string in Auditlog
    The CODESYS Control runtime system's CmpAuditLog component allows potentially unauthenticated remote attackers to control the format string of processed log messages. Due to the internal processing logic, the impact is limited to a crash of the CODESYS Control runtime.
    #CVE CVE-2026-3509
    https://certvde.com/en/advisories/vde-2026-018/
    #CSAF https://codesys.csaf-tp.certvde.com/.well-known/csaf/white/2026/advisory2026-03_vde-2026-018.json
  • certvde@infosec.exchange
    #OT #Advisory VDE-2026-011
    CODESYS Control V3 - Untrusted boot application
    The CODESYS Control runtime system provides a user management mechanism with multiple privilege groups. While only the privileged Administrators and Developer groups are intended to load or debug applications on the controller, users in the restricted Service group are allowed to perform maintenance operations, including explicitly replacing the boot application.
    #CVE CVE-2025-41660
    https://certvde.com/en/advisories/vde-2026-011/
    #CSAF https://codesys.csaf-tp.certvde.com/.well-known/csaf/white/2026/advisory2026-02_vde-2026-011.json
  • adulau@infosec.exchange
    A new pull request for Vulnerability-Lookup adds a CSAF producer that publishes advisories for many manufacturers.
    This is great for defenders and researchers, as it increases the amount of detailed vulnerability information available.
    It will push the number of ingested feeds to more than 50 unique sources, highlighting the growing diversity of our data sources.
    If someone tells you there is a single source of truth for vulnerability information, they’re ignoring the reality: vulnerability intelligence comes from many different sources.
    Thanks to @rafi0t for the continuous work on adding CSAF and feeds to vulnerability-lookup
    #gcve #cve #cybersecurity #csaf #vulnerability #opendata #opensource
    The new PR with many new CSAF sources https://github.com/vulnerability-lookup/vulnerability-lookup/pull/348
    The open source vulnerability-lookup software https://www.vulnerability-lookup.org/
    GCVE instance https://db.gcve.eu/
    @gcve @cedric