1571 matches found
CVE-2026-31927
creationtimestamp| type| source ---|---|--- 2026-04-16 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-106-03...
Threat landscape for industrial automation systems in Q4 2025
Statistics across all threats The percentage of ICS computers on which malicious objects were blocked has been decreasing since the beginning of 2024. In Q4 2025, it was 19.7%. Over the past three years, the percentage has decreased by 1.36 times, and by 1.25 times since Q4 2023. Percentage of IC...
RHSA-2026:8093 Red Hat Security Advisory: pcs security update
Bulletin has no description...
EUVD-2026-20888
Hydrosystem Control System saves sensitive information into a log file. Critically, user credentials are logged allowing the attacker to obtain further authorized access into the system. Combined with vulnerability CVE-2026-34184, these sensitive information could be accessed by an unauthorized...
EUVD-2026-20884
Hydrosystem Control System does not enforce authorization for some directories. This allows an unauthorized attacker to read all files in these directories and even execute some of them. Critically the attacker could run PHP scripts directly on the connected database.This issue was fixed...
CVE-2026-34184
Hydrosystem Control System does not enforce authorization for some directories. This allows an unauthorized attacker to read all files in these directories and even execute some of them. Critically the attacker could run PHP scripts directly on the connected database.This issue was fixed...
CVE-2026-4901
Hydrosystem Control System saves sensitive information into a log file. Critically, user credentials are logged allowing the attacker to obtain further authorized access into the system. Combined with vulnerability CVE-2026-34184, these sensitive information could be accessed by an unauthorized...
CVE-2026-34185
Hydrosystem Control System is vulnerable to SQL Injection across most scripts and input parameters. Because no protections are in place, an authenticated attacker can inject arbitrary SQL commands, potentially gaining full control over the database.This issue was fixed in Hydrosystem Control Syst...
CVE-2026-34185
CVE-2026-34185 — SQL Injection in Hydrosystem Control System Affected product: Hydrosystem Control System.Vulnerability: SQL Injection across most scripts and input parameters due to lack of protections.Impact: With authentication, an attacker can inject arbitrary SQL commands, potentially gainin...
CVE-2026-34185 SQL Injection in Hydrosystem Control System
Hydrosystem Control System is vulnerable to SQL Injection across most scripts and input parameters. Because no protections are in place, an authenticated attacker can inject arbitrary SQL commands, potentially gaining full control over the database.This issue was fixed in Hydrosystem Control Syst...
CVE-2026-34185
Hydrosystem Control System is vulnerable to SQL Injection across most scripts and input parameters. Because no protections are in place, an authenticated attacker can inject arbitrary SQL commands, potentially gaining full control over the database.This issue was fixed in Hydrosystem Control Syst...
CVE-2026-34185 SQL Injection in Hydrosystem Control System
Hydrosystem Control System is vulnerable to SQL Injection across most scripts and input parameters. Because no protections are in place, an authenticated attacker can inject arbitrary SQL commands, potentially gaining full control over the database.This issue was fixed in Hydrosystem Control Syst...
CVE-2026-34184 Missing Authorization in Hydrosystem Control System
Hydrosystem Control System does not enforce authorization for some directories. This allows an unauthorized attacker to read all files in these directories and even execute some of them. Critically the attacker could run PHP scripts directly on the connected database.This issue was fixed...
CVE-2026-34184 Missing Authorization in Hydrosystem Control System
Hydrosystem Control System does not enforce authorization for some directories. This allows an unauthorized attacker to read all files in these directories and even execute some of them. Critically the attacker could run PHP scripts directly on the connected database.This issue was fixed...
CVE-2026-4901
CVE-2026-4901 relates to Hydrosystem Control System logging credentials to a log file. The description states that sensitive information, including user credentials, is written to logs, enabling an attacker to obtain further access. This issue is tied to CVE-2026-34184, which describes missing au...
CVE-2026-4901 Insertion of Sesitive Information into Log File in Hydrosystem Control System
Hydrosystem Control System saves sensitive information into a log file. Critically, user credentials are logged allowing the attacker to obtain further authorized access into the system. Combined with vulnerability CVE-2026-34184, these sensitive information could be accessed by an unauthorized...
CVE-2026-4901
Hydrosystem Control System saves sensitive information into a log file. Critically, user credentials are logged allowing the attacker to obtain further authorized access into the system. Combined with vulnerability CVE-2026-34184, these sensitive information could be accessed by an unauthorized...
CVE-2025-13926
creationtimestamp| type| source ---|---|--- 2026-04-09 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-099-01 2026-04-09 20:55:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mj3oz6effv2q 2026-04-09 21:10:36+00:00| seen|...
CVE-2026-4436
creationtimestamp| type| source ---|---|--- 2026-04-09 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-099-02 2026-04-09 21:22:41+00:00| published-proof-of-concept| Telegram/3Mh7UNYEFXpMlnqwZliCqvVomRJKwd1lMrCq1dUb7HxJoTM 2026-04-09 21:37:12+00:00| seen|...
CVE-2026-25601
A vulnerability was identified in MEPIS RM, an industrial software product developed by Metronik. The application contained a hardcoded cryptographic key within the Mx.Web.ComponentModel.dll component. When the option to store domain passwords was enabled, this key was used to encrypt user...