CVE-2026-25550

Seagull Software BarTender 2010, 2016, and 2019 contain an unauthenticated remote code execution vulnerability in the .NET Remoting service exposed on TCP port 7375 via BtSystem.Service.exe. The service registers an unauthenticated singleton endpoint — BarTenderSystem for BarTender 2016 = R9, and...

CVE-2026-0611

Spacelabs Healthcare Sentinel versions 10.5.x and higher and 11.x.x before 11.6.0 contain an unauthenticated remote code execution vulnerability through a deprecated .NET Remoting HTTP channel exposed on port 8989 that allows attackers to perform arbitrary file read and write operations by...

CVE-2026-25551

Seagull Software BarTender 2021 R1 through 12.0.1 contains an insecure deserialization vulnerability that allows low-privileged local users to escalate privileges. The DataServiceSingleton .NET Remoting endpoint is bound to localhost on TCP port 7375 via BtSystem.Service.exe, limiting the attack...

CVE-2026-25551

Seagull Software BarTender 2021 R1 through 12.0.1 contains an insecure deserialization vulnerability that allows low-privileged local users to escalate privileges. The DataServiceSingleton .NET Remoting endpoint is bound to localhost on TCP port 7375 via BtSystem.Service.exe, limiting the attack...

EUVD-2026-34306

Seagull Software BarTender 2021 R1 through 12.0.1 contains an insecure deserialization vulnerability that allows low-privileged local users to escalate privileges. The DataServiceSingleton .NET Remoting endpoint is bound to localhost on TCP port 7375 via BtSystem.Service.exe, limiting the attack...

CVE-2026-25550 Seagull Software BarTender Unauthenticated RCE via .NET Remoting Service

Seagull Software BarTender 2010, 2016, and 2019 contain an unauthenticated remote code execution vulnerability in the .NET Remoting service exposed on TCP port 7375 via BtSystem.Service.exe. The service registers an unauthenticated singleton endpoint — BarTenderSystem for BarTender 2016 = R9, and...

CVE-2026-25550 Seagull Software BarTender Unauthenticated RCE via .NET Remoting Service

Seagull Software BarTender 2010, 2016, and 2019 contain an unauthenticated remote code execution vulnerability in the .NET Remoting service exposed on TCP port 7375 via BtSystem.Service.exe. The service registers an unauthenticated singleton endpoint — BarTenderSystem for BarTender 2016 = R9, and...

PT-2026-46297

Name of the Vulnerable Software and Affected Versions BarTender 2010 BarTender 2016 versions prior to R10 BarTender 2019 versions prior to R11 Description An unauthenticated remote code execution issue exists in the .NET Remoting service exposed on TCP port 7375 via BtSystem.Service.exe. The...

CVE-2026-0611

Summary: CVE-2026-0611 affects Spacelabs Healthcare Sentinel 10.5.x and higher and Sentinel 11.x.x prior to 11.6.0. A deprecated .NET Remoting HTTP channel exposed on port 8989 allows unauthenticated remote code execution by supplying valid .NET URI endpoints, enabling arbitrary file read/write a...

CVE-2025-15610

The .NET Remoting framework used by OpenText Fax RightFax includes known security vulnerabilities that could be exploited if the service is exposed in environments where the remoting ports are accessible...

CVE-2026-23751

Kofax Capture, now referred to as Tungsten Capture, version 6.0.0.0 other versions may be affected exposes a deprecated .NET Remoting HTTP channel on port 2424 via the Ascent Capture Service that is accessible without authentication and uses a default, publicly known endpoint identifier. An...

EUVD-2026-25228

Kofax Capture, now referred to as Tungsten Capture, version 6.0.0.0 other versions may be affected exposes a deprecated .NET Remoting HTTP channel on port 2424 via the Ascent Capture Service that is accessible without authentication and uses a default, publicly known endpoint identifier. An...

CVE-2026-23751

Kofax Capture, now referred to as Tungsten Capture, version 6.0.0.0 other versions may be affected exposes a deprecated .NET Remoting HTTP channel on port 2424 via the Ascent Capture Service that is accessible without authentication and uses a default, publicly known endpoint identifier. An...

EUVD-2026-22724

Unisys WebPerfect Image Suite versions 3.0.3960.22810 and 3.0.3960.22604 expose a deprecated .NET Remoting TCP channel that allows remote unauthenticated attackers to leak NTLMv2 machine-account hashes by supplying a Windows UNC path as a target file argument through object-unmarshalling...

CVE-2026-39906

Unisys WebPerfect Image Suite versions 3.0.3960.22810 and 3.0.3960.22604 expose a deprecated .NET Remoting TCP channel that allows remote unauthenticated attackers to leak NTLMv2 machine-account hashes by supplying a Windows UNC path as a target file argument through object-unmarshalling...

CVE-2026-39906

CVE-2026-39906 affects Unisys WebPerfect Image Suite v3.0.3960.22810 and v3.0.3960.22604. The root cause is exposure of a deprecated .NET Remoting TCP channel, enabling remote unauthenticated attackers to leak NTLMv2 machine-account hashes by passing a Windows UNC path as a target file argument v...

CVE-2026-21665

The Print Service component of Fiserv Originate Loans Peripherals formerly Velocity Services in unsupported version 2021.2.4 build 4.7.3155.0011 uses deprecated .NET Remoting TCP channels that allow unsafe deserialization of untrusted data. When these services are exposed to an untrusted network ...

CVE-2026-21665

The Print Service component of Fiserv Originate Loans Peripherals formerly Velocity Services in unsupported version 2021.2.4 build 4.7.3155.0011 uses deprecated .NET Remoting TCP channels that allow unsafe deserialization of untrusted data. When these services are exposed to an untrusted network ...

CVE-2026-21665

The Print Service component of Fiserv Originate Loans Peripherals formerly Velocity Services in unsupported version 2021.2.4 build 4.7.3155.0011 uses deprecated .NET Remoting TCP channels that allow unsafe deserialization of untrusted data. When these services are exposed to an untrusted network ...

PT-2026-21572

Name of the Vulnerable Software and Affected Versions Fiserv Originate Loans Peripherals version 2021.2.4 build 4.7.3155.0011 Description The Print Service component of Fiserv Originate Loans Peripherals utilizes deprecated .NET Remoting TCP channels that permit unsafe deserialization of untruste...