CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

Cvelist•added 2026/05/21 10:44 a.m.•34 views

CVE-2026-0393 CODESYS Visualization - Insufficiently Protected Credentials

The affected product may expose credentials remotely between low privileged visualization users during concurrent login operations due to insufficient isolation of authentication data. The vulnerability affects only login operations within an active visualization session...

6.9CVSS0.0004EPSS

Exploits0References1

Vulnrichment•added 2026/05/21 10:44 a.m.•7 views

CVE-2026-0393 CODESYS Visualization - Insufficiently Protected Credentials

6.9CVSS5.8AI score0.0004EPSS

Exploits0References1

CVE•added 2026/05/21 10:44 a.m.•16 views

CVE-2026-0393

CVE-2026-0393 affects CODESYS Visualization. Root cause: insufficient isolation of authentication data during concurrent login operations allows credentials to be exposed remotely between low-privileged visualization users, limited to the login phase within an active visualization session. Impact...

6.9CVSS5.8AI score0.0004EPSS

Exploits0References1Affected Software1

CNNVD•added 2026/05/21 12:0 a.m.•7 views

CODESYS Visualization 安全漏洞

CODESYS Visualization is a functional module developed by the German company CODESYS. It transforms the operation status of programs into a visual interface. There is a security vulnerability in CODESYS Visualization, which stems from insufficient authentication data isolation. This vulnerability...

6.9CVSS5.8AI score0.0004EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-12244

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00025EPSS

Exploits0References2

RedhatCVE•added 2025/04/25 11:44 p.m.•3 views

CVE-2025-2595

An unauthenticated remote attacker can bypass the user management in CODESYS Visualization and read visualization template files or static elements by means of forced browsing...

5.3CVSS7.2AI score0.00025EPSS

Exploits0References1

NVD•added 2025/04/23 8:15 a.m.•9 views

CVE-2025-2595

An unauthenticated remote attacker can bypass the user management in CODESYS Visualization and read visualization template files or static elements by means of forced browsing...

5.3CVSS0.00025EPSS

Exploits0References1

Cvelist•added 2025/04/23 7:54 a.m.•17 views

CVE-2025-2595 Forced Browsing Vulnerability in CODESYS Visualization

An unauthenticated remote attacker can bypass the user management in CODESYS Visualization and read visualization template files or static elements by means of forced browsing...

5.3CVSS0.00025EPSS

Exploits0References1

CVE•added 2025/04/23 7:54 a.m.•52 views

CVE-2025-2595

CVE-2025-2595 involves an unauthenticated remote attacker who can bypass the user management in CODESYS Visualization via forced browsing, enabling reads of visualization template files or static elements. The vulnerability is described across multiple sources as a forced-browsing/auth bypass iss...

5.3CVSS7.2AI score0.00025EPSS

Exploits0References1

CNNVD•added 2025/04/23 12:0 a.m.•1 views

CODESYS Visualization 安全漏洞

CODESYS Visualization is a functional module from CODESYS, Germany, that turns the running state of a program into a visual interface. A security vulnerability exists in CODESYS Visualization, which stems from the fact that user administration can be bypassed, which could result in reading...

5.3CVSS6.7AI score0.00025EPSS

Exploits0References1

Positive Technologies•added 2025/04/23 12:0 a.m.•2 views

PT-2025-17608 · 3S Smart Software Solutions · Codesys Visualization

Name of the Vulnerable Software and Affected Versions: CODESYS Visualization affected versions not specified Description: An unauthenticated remote attacker can bypass user management and read visualization template files or static elements through forced browsing. This issue affects the CODESYS...

5.3CVSS6.3AI score0.00025EPSS

Exploits0References7

OSV•added 2022/08/23 10:15 a.m.•1 views

CVE-2022-1989

All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulnerable to information exposure allowing a remote, unauthenticated attacker to enumerate valid users...

5.3CVSS5.8AI score0.00235EPSS

Exploits0References1

NVD•added 2022/08/23 10:15 a.m.•10 views

CVE-2022-1989

All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulnerable to information exposure allowing a remote, unauthenticated attacker to enumerate valid users...

5.3CVSS0.00235EPSS

Exploits0References1

Positive Technologies•added 2022/08/23 12:0 a.m.•3 views

PT-2022-14241 · 3S Smart Software Solutions · Codesys Visualization

Name of the Vulnerable Software and Affected Versions: CODESYS Visualization versions prior to V4.2.0.0 Description: The issue allows a remote, unauthenticated attacker to enumerate valid users due to information exposure in the login dialog. Recommendations: For versions prior to V4.2.0.0, updat...

5.3CVSS5.2AI score0.00235EPSS

Exploits0References3

CNNVD•added 2022/08/23 12:0 a.m.•3 views

CODESYS 安全漏洞

CODESYS is a controller development system from 3S-Smart Software Solutions, Germany. A security vulnerability exists in CODESYS Visualization versions prior to V4.2.0.0, which originates from a login dialog box that is susceptible to information disclosure and can be exploited by an attacker to...

5.3CVSS5.6AI score0.00235EPSS

Exploits0References2

ATTACKERKB•added 2022/06/03 10:0 a.m.•3 views

CVE-2022-1989

All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulnerable to information exposure allowing a remote, unauthenticated attacker to enumerate valid users...

5.3CVSS6.1AI score0.00235EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by