AVer PTC cameras

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow arbitrary code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all control system devices and/or...

CVE-2026-8805

creationtimestamp| type| source ---|---|--- 2026-06-18 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-169-05 2026-06-19 03:39:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3momg6mfz772q...

CVE-2026-8806

creationtimestamp| type| source ---|---|--- 2026-06-18 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-169-06 2026-06-19 03:48:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3momgpageit2x...

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2025-71190)

In the Linux kernel, the following vulnerability has been resolved: dmaengine: bcm-sba-raid: fix device leak on probe Make sure to drop the reference taken when looking up the mailbox device during probe on probe failures and on driver unbind. This plugin only works with Tenable.ot. Please visit...

Siemens RuggedCom Rox Out-of-bounds Write (CVE-2022-30790)

Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid505465;...

CVE-2026-11317

creationtimestamp| type| source ---|---|--- 2026-06-16 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-167-03 2026-06-16 16:01:43+00:00| seen| https://bsky.app/profile/boredchilada.bsky.social/post/3mog6bmgo4o2o 2026-06-16 17:48:09+00:00| seen|...

CVE-2026-50101

creationtimestamp| type| source ---|---|--- 2026-06-11 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-162-02 2026-06-13 06:00:25+00:00| seen| https://infosec.exchange/users/offseq/statuses/116741270655954829 2026-06-13 06:02:30+00:00| seen|...

CVE-2026-50099

creationtimestamp| type| source ---|---|--- 2026-06-11 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-162-02...

CVE-2026-50244

creationtimestamp| type| source ---|---|--- 2026-06-11 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-162-02...

CVE-2026-21404

creationtimestamp| type| source ---|---|--- 2026-06-04 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-155-01 2026-06-04 16:01:37+00:00| seen| https://bsky.app/profile/boredchilada.bsky.social/post/3mnhyodv5pj2v 2026-06-04 23:00:27+00:00| seen|...

CVE-2026-7310

creationtimestamp| type| source ---|---|--- 2026-06-04 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-155-05...

NAVTOR NavBox

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow a local attacker to gain unauthorized access to SOAP methods, resulting in a disruption of operations. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

CVE-2026-10057

ITS Intelligent SCADA System developed by ITP Technology has a Stored Cross-Site Scripting vulnerability, allowing privileged remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load...

CVE-2026-10057 ITP Technology｜ITS Intelligent SCADA System - Stored Cross-Site Scripting

ITS Intelligent SCADA System developed by ITP Technology has a Stored Cross-Site Scripting vulnerability, allowing privileged remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load...

Waterfall WF-500 操作系统命令注入漏洞

The Waterfall WF-500 is a sending-side host component in the industrial control network unidirectional security gateway developed by the Israeli company Waterfall. The Waterfall WF-500 has a vulnerability related to operating system command injection. This vulnerability stems from command injecti...

ITP ITS Intelligent SCADA System 跨站脚本漏洞

ITP ITS Intelligent SCADA System is an industrial automation monitoring and data acquisition platform developed by ITP, a company from Taiwan, China. The ITP ITS Intelligent SCADA System has a cross-site scripting vulnerability, which stems from stored-xss scripts. This vulnerability may allow...

ITP ITS Intelligent SCADA System 跨站脚本漏洞

ITP ITS Intelligent SCADA System is an industrial automation monitoring and data acquisition platform developed by ITP, a company from Taiwan, China. The ITP ITS Intelligent SCADA System has a cross-site scripting vulnerability, which stems from stored-xss scripts. This vulnerability may allow...

Waterfall WF-500 操作系统命令注入漏洞

The Waterfall WF-500 is a sending-side host component in the industrial control network unidirectional security gateway developed by the Israeli company Waterfall. The Waterfall WF-500 has a vulnerability related to operating system command injection. This vulnerability stems from command injecti...

PT-2026-44763

ITS Intelligent SCADA System developed by ITP Technology has a Stored Cross-Site Scripting vulnerability, allowing privileged remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load...

KMW CCTV Security Cameras

ADVISORY SUMMARY Successful exploitation of this vulnerability may grant full unauthorized access to camera feeds and settings. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all...