EUVD-2026-9280

Always-Incorrect Control Flow Implementation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP versions 1.106 and prior and Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP all versions allows a remote...

CVE-2026-1874

Always-Incorrect Control Flow Implementation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP versions 1.106 and prior and Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP versions 1.000 and prior allo...

CVE-2026-1874

CVE-2026-1874 concerns a denial-of-service vulnerability in Mitsubishi Electric MELSEC iQ-F Series Ethernet modules. The affected components are FX5-ENET/IP (versions 1.106 and earlier) and FX5-EIP Ethernet module (all versions). The issue is described as an Always-Incorrect Control Flow Implemen...

Mitsubishi Electric MELSEC iQ-F series 安全漏洞

The Mitsubishi Electric MELSEC iQ-F series is a programmable logic controller developed by Mitsubishi Electric, a Japanese company. The MELSEC iQ-F series contains security vulnerabilities, which stem from improper resource closure or release procedures. This could allow remote attackers to cause...

Mitsubishi Electric MELSEC iQ-F Series 安全漏洞

Mitsubishi Electric MELSEC iQ-F Series are a series of simple motion controllers produced by Mitsubishi Electric, a Japanese company. The Mitsubishi Electric MELSEC iQ-F Series contain security vulnerabilities. These vulnerabilities stem from incorrect implementation of control flows in the...

PT-2026-22724

Name of the Vulnerable Software and Affected Versions Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP affected versions not specified Description An improper resource shutdown or release issue exists in the Mitsubishi Electric Corporation MELSEC iQ-F...

PT-2026-22723

Name of the Vulnerable Software and Affected Versions Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP affected versions not specified Description An improper resource shutdown or release issue exists in the Mitsubishi Electric Corporation MELSEC iQ-F Series...

Mitsubishi Electric MELSEC iQ-F Series EtherNet/IP module and Ethernet Module (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow a remote attacker to cause a denial-of-service condition by continuously sending UDP packets to the affected products. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

CVE-2026-26025

free5GC SMF provides Session Management Function for free5GC, an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, SMF panics and terminates when processing a malformed PFCP SessionReportRequest on the PFCP UDP/8805 interface. No known upstrea...

CVE-2026-27182

Saturn Remote Mouse Server contains a command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands by sending specially crafted UDP JSON frames to port 27000. Attackers on the local network can send malformed packets with unsanitized command data that the...

CVE-2026-27476

RustFly 2.0.0 contains a command injection vulnerability in its remote UI control mechanism that accepts hex-encoded instructions over UDP port 5005 without proper sanitization. Attackers can send crafted hex-encoded payloads containing system commands to execute arbitrary operations on the targe...

Bixat RustFly 操作系统命令注入漏洞

Bixat RustFly is a cross-platform remote control tool developed by the Moroccan company Bixat. Version Bixat RustFly 2.0.0 contains a vulnerability related to operating system command injection. This vulnerability arises from the improper handling of hexadecimal-encoded commands received via UDP...

CVE-2026-27182

The CVE describes a local, unauthenticated command injection in Saturn Remote Mouse Server. An attacker on the same local network can send specially crafted UDP JSON frames to port 27000, where the service forwards unsanitized command data to OS execution functions, resulting in remote code execu...

Saturn Remote Mouse Server 访问控制错误漏洞

Saturn Remote Mouse Server is a remote mouse server developed by Saturn Remote Corporation. The Saturn Remote Mouse Server has an access control vulnerability, which stems from a command injection vulnerability. This vulnerability allows unverified attackers to execute arbitrary commands by sendi...

📄 Remote for Mac 2025.6 Unauthenticated UDP Keyboard Remote Code Execution

A remote code execution vulnerability exists in Remote for Mac version 2025.6. When the "Allow unknown devices" option is enabled, the application accepts unauthenticated key input over UDP on port 1947. By sending a crafted sequence of UDP packets that simulate keyboard events, an attacker can...

📄 Saturn Remote Mouse Server 1 Command Injection

A service component of Saturn Remote Mouse Server listens for unauthenticated UDP JSON-like frames on UDP port 27000. Improper input handling allows specially crafted frames to cause execution of arbitrary commands within the context of the service process, resulting in remote code execution on t...

📄 RustFly 2.0.0 Event Manipulation

The remote UI control mechanism of RustFly accepts raw hex-encoded instructions over UDP. Some sequences trigger execution of remote system-level operations. Improper sanitization allows command-level injection. Version 2.0.0 is affected...

EUVD-2026-6138

A vulnerability has been found in Free5GC up to 4.1.0. This affects an unknown function of the component PFCP UDP Endpoint. Such manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...

CVE-2026-2525

A vulnerability has been found in Free5GC up to 4.1.0. This affects an unknown function of the component PFCP UDP Endpoint. Such manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...

free5GC 安全漏洞

Free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of Free5GC prior to 4.1.0 contain security vulnerabilities, which stem from incorrect handling of the PFCP UDP Endpoint component. These vulnerabilities could lead to denial-of-service attacks...