4 matches found
CVE-2025-13913 Inductive Automation Ignition Software Deserialization of Untrusted Data
A privileged Ignition user, intentionally or otherwise, imports an external file with a specially crafted payload, which executes embedded malicious code...
CVE-2026-1670
The affected products are vulnerable to an unauthenticated API endpoint exposure, which may allow an attacker to remotely change the "forgot password" recovery email address...
CVE-2026-1670
The affected products are vulnerable to an unauthenticated API endpoint exposure, which may allow an attacker to remotely change the "forgot password" recovery email address...
CVE-2026-1670
CVE-2026-1670 affects Honeywell CCTV products including Honeywell I-HIB2PI-UL 2MP IP, SMB NDAA MVO-3, PTZ WDR 2MP 32M, and 25M IPC. The root cause is an unauthenticated API endpoint exposure that allows an attacker to remotely change the recovery email address used for password resets, potentiall...