CVE-2026-31156

A path injection vulnerability exists in OpenPLC v3 2c82b0e79c53f8c1f1458eee15fec173400d6e1a as the binary program compiled from gluegenerator.cpp does not perform any validation on the file path parameters passed via the command line. The user-controlled input parameters are directly passed to t...

OpenPLC 安全漏洞

OpenPLC is an open-source, programmable logic controller developed by Thiago Alves. It provides low-cost industrial solutions for automation and research purposes. OpenPLC has a security vulnerability, which stems from the binary program compiled from gluegenerator.cpp not verifying the file path...

CVE-2025-1066

OpenPLCV3 contains an arbitrary file upload vulnerability, which could be leveraged for malvertising or phishing campaigns...

EUVD-2021-13614

Malware in sbrugna...

EUVD-2024-34597

Malicious code in bioql PyPI...

EUVD-2024-36330

Malicious code in bioql PyPI...

EUVD-2025-1985

Malicious code in bioql PyPI...

CVE-2024-37741

OpenPLC 3 through 9cd8f1b allows XSS via an SVG document as a profile picture...

CVE-2021-26829

OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows stored XSS via systemsettings.shtm...

CVE-2018-20818

A buffer overflow vulnerability was discovered in the OpenPLC controller, in the OpenPLCv2 and OpenPLCv3 versions. It occurs in the modbus.cpp mapUnusedIO function, which can cause a runtime crash of the PLC or possibly have unspecified other impact...

PT-2025-17884 · Openplc · Openplc

Name of the Vulnerable Software and Affected Versions: OpenPLC versions 3 through 64f9c11 Description: The issue is related to a memory corruption problem in the server.cpp component of OpenPLC. This occurs because a thread may access handleConnections arguments after the parent stack frame becom...

CVE-2025-1066 CVE-2025-1066

OpenPLCV3 contains an arbitrary file upload vulnerability, which could be leveraged for malvertising or phishing campaigns...

CVE-2024-34026

A stack-based buffer overflow vulnerability exists in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC v3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted EtherNet/IP request can lead to remote code execution. An attacker can send a series of EtherNet/IP requests to...

CVE-2024-36980

An out-of-bounds read vulnerability exists in the OpenPLC Runtime EtherNet/IP PCCC parser functionality of OpenPLCv3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted network request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger this...

CVE-2024-39589

Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLCv3 16bf8bac1a36d95b73e7b8722d0edb8b9c5bb56a. A specially crafted EtherNet/IP request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to...

CVE-2024-36981

An out-of-bounds read vulnerability exists in the OpenPLC Runtime EtherNet/IP PCCC parser functionality of OpenPLCv3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted network request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger this...

OpenPLC 安全漏洞

OpenPLC is an open source programmable logic controller from the individual developer Thiago Alves. It can provide low-cost industrial solutions for automation and research. A security vulnerability exists in OpenPLC that stems from the EtherNet/IP parsing function mishandling specific requests,...

OpenPLC Cross-Site Scripting Vulnerability

OpenPLC is an open source programmable logic controller. It can provide low-cost industrial solutions for automation and research. OpenPLC suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can ...