CVE-2026-12569
PTC Windchill and FlexPLM are vulnerable to improper input validation, allowing for potential exploitation. This vulnerability is confirmed as actively exploited in the wild.
Adobe ColdFusion (CVE-2026-48276 and CVE-2026-48277, both CVSS 10) and IBM Langflow OSS (CVE-2026-10134, CVSS 10) lead a batch of enterprise-facing critical flaws disclosed yesterday. Critical CVEs (CVSS 9.0+) rose to 39 from 12 the prior day, a 225% increase, while high-priority vulnerabilities held roughly steady at 66 (down 4% from 69). Additional notable critical issues include Orkes Conductor (CVE-2026-58138, CVSS 9.8) and StoneFly Storage Concentrator (CVE-2026-55721, CVSS 9.3), alongside multiple WordPress plugin vulnerabilities affecting EventON and SMS Alert OTP for WooCommerce. Remote code execution and authentication bypass patterns dominate, spanning application servers, storage appliances, AI/ML tooling, and content management systems. No vendor patches are currently reflected for these new disclosures, so timely tracking of vendor advisories and interim mitigations is recommended; three vulnerabilities are also confirmed as actively exploited.
Immediate action: Prioritize Adobe ColdFusion (CVE-2026-48276, CVE-2026-48277) and IBM Langflow OSS (CVE-2026-10134) given their CVSS 10 severity and enterprise exposure, and address the actively exploited PTC Windchill (CVE-2026-12569), Cisco Unified CM (CVE-2026-20230), and SimpleHelp (CVE-2026-48558) flaws. With no patches yet reflected for the new critical disclosures, apply vendor mitigations, restrict network exposure of affected services, and increase monitoring until fixes are released.
A server-side request forgery (SSRF) vulnerability in Cisco Unified Communications Manager allows unauthenticated remote attackers to perform arbitrary file operations and escalate privileges to root.
SimpleHelp contains an authentication bypass in the OIDC flow, allowing unauthenticated attackers to forge tokens and gain full technician access without multi-factor authentication.
An SQL injection vulnerability in Redeight CMS allows unauthenticated remote attackers to execute arbitrary SQL commands via the "userEmail" parameter in the admin login endpoint.
Raytha CMS contains an SQL injection vulnerability in its OData filter parsing pipeline, enabling unauthenticated remote attackers to execute arbitrary SQL statements against the backend database.
The WP-BusinessDirectory plugin for WordPress contains an unauthenticated arbitrary file deletion vulnerability due to insufficient path validation in the upload controller.
Orkes Conductor is vulnerable to unauthenticated remote code execution via malicious workflow definitions that exploit improperly configured GraalVM evaluators.
StoneFly Storage Concentrator is vulnerable to unauthenticated SQL injection via cookie values in login.pl and debug.pl, allowing for sensitive data extraction.
IBM Langflow OSS contains a critical vulnerability allowing unauthenticated attackers to read secrets, modify database content, access internal services, and achieve persistent code execution.
The SMS Alert plugin for WordPress contains an account takeover vulnerability allowing unauthenticated attackers to reset administrator passwords via OTP verification bypass.
The EventON WordPress plugin is vulnerable to unauthenticated SQL injection via the search parameter due to insufficient input escaping and lack of parameterized queries.
Adobe ColdFusion is vulnerable to an unrestricted file upload flaw, allowing unauthenticated attackers to upload and execute arbitrary code.
Adobe ColdFusion contains an improper input validation vulnerability that allows unauthenticated remote attackers to achieve arbitrary code execution.
Adobe ColdFusion is vulnerable to an improper input validation flaw, enabling unauthenticated remote attackers to execute arbitrary code on the host system.
Adobe ColdFusion is affected by a path traversal vulnerability that permits unauthenticated remote attackers to execute arbitrary code.
Adobe ColdFusion is vulnerable to an unrestricted file upload flaw allowing unauthenticated attackers to achieve arbitrary code execution.
Adobe Campaign Classic contains an authorization flaw that allows unauthenticated remote attackers to execute arbitrary code.
Grav CMS is vulnerable to remote code execution via insecure PHP object deserialization, OS command injection, and server-side template injection.
A path traversal vulnerability in Adobe ColdFusion allows unauthenticated attackers to read sensitive files and perform limited writes on the file system.
Adobe ColdFusion is affected by an improper input validation vulnerability that allows for arbitrary code execution via malicious file interaction.
StoneFly Storage Concentrator stores hardcoded, reversible credentials for internal services within a configuration file, enabling potential unauthorized access to interconnected systems.
LlamaFactory allows unauthenticated attackers with WebUI access to execute arbitrary Python code by providing a malicious model path.
IBM Langflow OSS is susceptible to arbitrary code execution by authenticated users with Redis access, leading to full application compromise.
Containerd fails to validate image configuration labels, potentially allowing attackers to execute arbitrary commands on the host system.
DBIx::QuickORM for Perl is vulnerable to SQL injection via unquoted SQL identifiers when untrusted input is passed to identifier-related parameters.
UltraVNC repeater contains a global buffer overflow in its HTTP administration server, allowing unauthenticated remote code execution via a crafted URI.
The txtai API /reindex endpoint is vulnerable to remote code execution due to improper input validation in the function parameter, which allows arbitrary code execution if authentication is disabled.
IBM Db2 is vulnerable to remote code execution due to improper handling of the pre-authentication DRDA handshake process.
StoneFly Storage Concentrator is vulnerable to unauthenticated remote command injection via the ms_service.pl service, allowing root-level arbitrary code execution.
An unauthenticated command injection vulnerability in the StoneFly Storage Concentrator debug.pl script allows remote attackers to execute arbitrary system commands with root privileges.
Advantech Hospital Queuing Management contains a sensitive data exposure vulnerability that allows unauthenticated remote attackers to access API documentation.
IBM Langflow OSS contains a flaw in shared-state handling allowing cross-tenant API client reuse. Authenticated attackers can manipulate cache state to misattribute billing and credentials.
UltraVNC Repeater initializes its HTTP administration interface with a hardcoded default password, allowing unauthenticated remote attackers to gain full administrative control.
Eksagate SYSGUARD 6001 is vulnerable to a blind SQL injection attack, allowing unauthenticated attackers to potentially extract database information via improperly neutralized SQL commands.
IBM Langflow OSS is susceptible to arbitrary OS command execution and unauthorized file access. Authenticated attackers can leverage this to achieve full system compromise.
A path traversal vulnerability in the DCMTK Toolkit allows a malicious server to force a client to write files to arbitrary locations on the host system.
IBM Langflow OSS contains a vulnerability where improper validation of flow nodes allows for arbitrary code execution. This occurs when component type fields are missing or empty.
Rancher's SAML Assertion Consumer Service handler is vulnerable to authentication replay attacks due to a failure to enforce one-time use of SAML assertions.
A cross-site scripting (XSS) vulnerability exists within the integrated help system of the IBM WebSphere Application Server administrative console.
A cross-site scripting (XSS) vulnerability exists in the IBM WebSphere Application Server administrative console help system, potentially allowing for malicious script execution.
Flowise uses a weak, hardcoded default secret for session management, enabling unauthenticated attackers to forge session cookies and hijack user accounts.
An improper authorization vulnerability in the IBM Langflow OSS Streamable MCP transport endpoint allows unauthenticated attackers to access and execute MCP operations.
Multiple memory overflow vulnerabilities in NetScaler ADC and Gateway can lead to Denial of Service (DoS) when configured as an Oracle load balancer, DNS proxy, or DNS recursive resolver.
A critical security vulnerability has been identified in phpMyFAQ versions prior to 4, which may allow for unauthorized access or system exploitation.
Adobe ColdFusion 2025 contains a high-severity vulnerability that requires immediate attention from security administrators to ensure platform integrity.
A high-severity vulnerability has been identified in the Coolify self-hosted server and application management platform.
Adobe ColdFusion 2025 is affected by a high-severity vulnerability that may allow for unauthorized system interaction or compromise.
Apple Safari contains an unspecified vulnerability that was addressed through improved validation checks.
Apple iOS and iPadOS contain an input sanitization vulnerability that could potentially be leveraged by attackers.
The Dokan Pro plugin for WordPress is vulnerable to privilege escalation via the update_capabilities REST endpoint, allowing unauthorized users to elevate their access levels.
The BookingPress Appointment Booking Pro plugin for WordPress is susceptible to SQL injection via the 'store_service_date' parameter within the bpa_assign_staffmember_to_slots() function.
The RegistrationMagic plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) in versions up to and including 6.
The WP Support Plus Responsive Ticket System WordPress plugin is vulnerable to an undisclosed flaw in versions through 9.
A memory overflow vulnerability in NetScaler ADC and Gateway appliances configured as SSL VPN, ICA, or AAA servers may lead to service disruption or Denial of Service (DoS).
The Ninja Forms plugin for WordPress is vulnerable to unauthorized data access due to a missing authorization check on the 'ninja-forms-views/token/refresh' REST API endpoint.
The Youtube Showcase plugin for WordPress is vulnerable to an arbitrary function call, allowing attackers to execute unintended code via the plugin's interface.
The Visualizer plugin for WordPress is vulnerable to an authorization bypass, potentially allowing unauthorized users to perform sensitive actions.
Apache ActiveMQ is affected by an improper authorization vulnerability that could allow unauthorized access to system resources.
The Oj (Optimized JSON) Ruby gem contains a security vulnerability that may impact applications relying on its JSON parsing and object marshalling capabilities.
Insufficient input validation in NetScaler ADC and Gateway configured as a SAML IDP can lead to a memory overread vulnerability, potentially exposing sensitive information.
A denial of service vulnerability exists in NetScaler ADC and Gateway due to improper handling of malformed HTTP/2 requests when HTTP/2 is enabled.
A deserialization vulnerability in Control-M/Server and Control-M/Enterprise Manager allows unauthorized execution of arbitrary code via the messaging consumer functionality.
A local privilege escalation vulnerability in Nokia MantaRay NM allows an authenticated local user with administrative privileges to escalate to root.
UltraVNC Viewer is susceptible to a high-severity vulnerability that may allow for unauthorized system interaction or remote code execution.
Capgo software is affected by a high-severity vulnerability that could lead to unauthorized system access or compromise of the application environment.
An additional high-severity vulnerability has been identified in Capgo software, necessitating immediate attention to maintain system security.
A security vulnerability has been identified in OpenZiti through version 2, potentially exposing the system to unauthorized access or operational disruption.
A security flaw exists in DeepTutor versions prior to 1, potentially allowing attackers to bypass security controls or compromise the application environment.
A flaw in the Rancher GitHub authentication provider causes incorrect caching of team memberships, allowing unauthorized users to gain principal access.
The Delta Electronics DVP80ES3 controller contains a vulnerability involving an improperly implemented security check, which may allow for unauthorized access or operational disruption.
Seiko SkyBridge MB-A100 and MB-A110 devices are vulnerable to OS command injection due to improper neutralization of special elements in input.
Redeight CMS version 1 contains an unrestricted file upload vulnerability that may allow attackers to upload and execute malicious files on the server.
A security vulnerability exists in IBM WebSphere Application Server 9 that may allow for unauthorized system access or impact.
A high-severity security vulnerability has been identified in IBM Langflow OSS 1 that may pose a risk to system integrity.
A security vulnerability in IBM WebSphere Application Server - Liberty 17 could allow for unauthorized system compromise.
Capgo versions prior to 12 are affected by a security vulnerability that may expose the system to unauthorized access or manipulation.
A high-severity vulnerability exists in Vibe-Trading software that may allow for unauthorized system interaction.
A high-severity vulnerability in electron-builder's updater component may allow for the compromise of the automatic update mechanism.
An unauthenticated directory traversal vulnerability in the OFFIS DCMTK Toolkit allows for the unauthorized reading of worklist records.
A critical security vulnerability has been identified in IBM Langflow OSS that requires immediate attention from system administrators.
A security flaw exists within IBM Langflow OSS, necessitating prompt mitigation to prevent unauthorized system interaction.
A security vulnerability exists in Picklescan that may allow unauthorized operations. Further technical details remain limited pending disclosure.
Picklescan contains a high-severity security flaw that could lead to unauthorized system access or data compromise.
A security flaw in Picklescan may allow unauthorized exploitation, necessitating immediate attention from security administrators.
A security vulnerability exists in picklescan that may allow for unauthorized code execution or data manipulation.
A security flaw has been identified in picklescan that could lead to unauthorized system impacts.
A critical security vulnerability has been discovered in picklescan that requires immediate attention from security administrators.
A security vulnerability exists in the Picklescan library that may allow for unauthorized operations. Users are advised to update to the latest version to mitigate potential risks.
A security vulnerability in the Crawl4AI framework may allow for unauthorized access or system manipulation. Administrators should verify their current deployment status.
A vulnerability in Capgo versions prior to 12 may allow for unauthorized system interaction. Users are urged to upgrade to version 12 or later immediately.
A vulnerability has been discovered in IBM DevOps Automation that could permit unauthorized access or system disruption.
A vulnerability exists in Woodpecker CI versions prior to 3 that may expose the system to unauthorized access or operational disruption.
A security vulnerability in SeaweedFS versions before 4 could lead to unauthorized access to the distributed storage system.
A vulnerability in JeecgBoot through version 3 may allow for unauthorized access or system manipulation due to insufficient security controls.
An out-of-bounds heap write vulnerability exists in the RAR5 recovery-volume processing logic of WinRAR, potentially allowing arbitrary code execution.
The electron-updater component in electron-builder contains a vulnerability in the automatic update mechanism that could lead to unauthorized code execution.
Nokia MantaRay NM is vulnerable to an unrestricted file upload flaw due to insufficient validation of user-submitted file types.
The brace-expansion package is vulnerable to security flaws in versions through 5, potentially allowing for unexpected behavior or arbitrary code execution.
Picklescan versions before 0 are susceptible to security vulnerabilities that may lead to unauthorized data access or malicious code execution when processing untrusted input.
Capgo versions before 12 are vulnerable to security flaws that could permit unauthorized access or manipulation of updates, impacting the integrity of the software delivery pipeline.
IBM Business Automation Manager Open Editions contains an unspecified security vulnerability that requires immediate attention from system administrators.
Dolibarr ERP/CRM is affected by a security vulnerability that may allow unauthorized access or system impact. Users are advised to verify their current version against the latest vendor security releases.
The Delta Electronics DVP80ES3 PLC is susceptible to an improper resource shutdown or release vulnerability, which could result in a denial-of-service condition.
The Delta Electronics DVP80ES3 PLC is affected by a vulnerability involving the improper enforcement of message integrity during transmission.
The Delta Electronics DVP80ES300T PLC is vulnerable to an improper validation of array index, potentially leading to memory corruption or instability.
UltraVNC viewer contains a vulnerability that may allow for unauthorized memory access or arbitrary code execution through improper input handling.
Capgo software is affected by a vulnerability that may allow an attacker to bypass security controls or gain unauthorized access to system functions.