Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2025-40257)

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix a race in mptcppmdeladdtimer mptcppmdeladdtimer can call skstoptimersyncsk, &entry-addtimer while another might have free entry already, as reported by syzbot. Add RCU protection to fix this issue. Also change confusin...

Siemens RUGGEDCOM RST2428P Cross-site Scripting (CVE-2026-22610)

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0, a cross-site scripting XSS vulnerability has been identified in the Angular Template Compiler. The...

CVE-2025-40802

A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions. The affected device may be susceptible to resource exhaustion when subjected to high volumes of query requests. This could allow an attacker to cause a temporary denial of service, with the system recovering onc...

CVE-2025-40803

A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions. The affected device exposes certain non-critical information from the device. This could allow an unauthenticated attacker to access sensitive data, potentially leading to a breach of confidentiality...