CVE-2023-49069

A vulnerability has been identified in Mendix Runtime V10 All versions V10.17.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.11 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All...

EUVD-2024-44811

Malicious code in bioql PyPI...

EUVD-2022-37421

Malicious code in bioql PyPI...

EUVD-2025-10338

Malicious code in bioql PyPI...

EUVD-2023-53091

Malicious code in bioql PyPI...

EUVD-2022-29207

Malicious code in bioql PyPI...

CVE-2024-50313

A vulnerability has been identified in Mendix Runtime V10 All versions V10.16.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.7 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All versio...

CVE-2022-34466

A vulnerability has been identified in Mendix Applications using Mendix 9 All versions = V9.11 V9.15, Mendix Applications using Mendix 9 V9.12 All versions V9.12.3. An expression injection vulnerability was discovered in the Workflow subsystem of Mendix Runtime, that can affect the running...

CVE-2022-24309

A vulnerability has been identified in Mendix Runtime V7 All versions V7.23.29, Mendix Runtime V8 All versions V8.18.16, Mendix Runtime V9 All versions V9.13 only with Runtime Custom Setting DataStorage.UseNewQueryHandler set to False. If an entity has an association readable by the user, then in...

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS advisories on April 15, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-105-01 Siemens Mendix Runtime ICSA-25-105-02 Siemens Industrial Edge Device Kit...

The vulnerability of the Mendix Runtime environment, related to inconsistencies in responses to incoming requests, allows attackers to disclose sensitive information.

The vulnerability of Mendix Runtime is related to inconsistencies in responses to incoming requests. Exploiting this vulnerability can allow a malicious actor to disclose protected information...

CVE-2025-30280

A vulnerability has been identified in Mendix Runtime V10 All versions V10.21.0, Mendix Runtime V10.12 All versions V10.12.16, Mendix Runtime V10.18 All versions V10.18.5, Mendix Runtime V10.6 All versions V10.6.22, Mendix Runtime V8 All versions V8.18.35, Mendix Runtime V9 All versions V9.24.34...

CVE-2025-30280

A vulnerability has been identified in Mendix Runtime V10 All versions V10.21.0, Mendix Runtime V10.12 All versions V10.12.16, Mendix Runtime V10.18 All versions V10.18.5, Mendix Runtime V10.6 All versions V10.6.22, Mendix Runtime V8 All versions V8.18.35, Mendix Runtime V9 All versions V9.24.34...

CVE-2025-30280

A vulnerability has been identified in Mendix Runtime V10 All versions V10.21.0, Mendix Runtime V10.12 All versions V10.12.16, Mendix Runtime V10.18 All versions V10.18.5, Mendix Runtime V10.6 All versions V10.6.22, Mendix Runtime V8 All versions V8.18.35, Mendix Runtime V9 All versions V9.24.34...

CVE-2025-30280

A vulnerability has been identified in Mendix Runtime V10 All versions V10.21.0, Mendix Runtime V10.12 All versions V10.12.16, Mendix Runtime V10.18 All versions V10.18.5, Mendix Runtime V10.6 All versions V10.6.22, Mendix Runtime V8 All versions V8.18.35, Mendix Runtime V9 All versions V9.24.34...

CVE-2025-30280

CVE-2025-30280 affects Mendix Runtime: V8 (all versions), V9 (all versions < 9.24.34), V10 (all versions < 10.21.0 for the 10.x line, with sub-versions listed: <10.12.16, <10.18.5,

Siemens Mendix Runtime 安全漏洞

Siemens Mendix Runtime is a key component of Siemens AG Siemens, Germany. A security vulnerability exists in Siemens Mendix Runtime that stems from a distinguishable response that could lead to unauthorized enumeration of entity and property names...

PT-2025-15408 · Mendix · Mendix Runtime V8 +2

Name of the Vulnerable Software and Affected Versions: Mendix Runtime V8 versions prior to V9.24.34 is not accurate since V8 is a major version and should be listed separately, the correct interpretation is: Mendix Runtime V8 version prior to any specified fix, since all versions are affected...

Siemens Mendix Runtime

SUMMARY Mendix Runtime allows for entity enumeration due to distinguishable responses in certain client actions. This could allow an unauthenticated remote attacker to list all valid entities and attribute names of a Mendix Runtime-based application. Siemens has released new versions for several...

The vulnerability of the Basic Authentication mechanism in the Mendix Runtime environment allows a perpetrator to circumvent existing security restrictions.

The vulnerability of the Basic Authentication mechanism in the Mendix Runtime environment is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a malicious actor to circumvent existing security restrictions remotely...