4 matches found
CVE-2026-25938
FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. From 1.2.8 through 1.2.10, an authentication bypass vulnerability in FUXA allows an unauthenticated, remote attacker to execute arbitrary code on the server when the Node-RED plugin is enabled. This has been patched in FUXA...
CVE-2026-25939 FUXA Unauthenticated Remote Arbitrary Scheduler Write
FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. From 1.2.8 through version 1.2.10, an authorization bypass vulnerability in the FUXA allows an unauthenticated, remote attacker to create and modify arbitrary schedulers, exposing connected ICS/SCADA environments to follow-on...
CVE-2026-25938
CVE-2026-25938 affects FUXA (web-based Process Visualization) versions 1.2.8–1.2.10. A vulnerability in the Node-RED plugin allows an unauthenticated attacker to bypass authentication and execute arbitrary code on the server. The issue has been fixed in version 1.2.11. The CVSS v4.0 base score is...
CVE-2026-23842
ChatterBot is a machine learning, conversational dialog engine for creating chat bots. ChatterBot versions up to 1.2.10 are vulnerable to a denial-of-service condition caused by improper database session and connection pool management. Concurrent invocations of the getresponse method can exhaust...