CVE-2026-25786
Related Intelligence (2)
Siemens SIMATIC S7 PLC Web Server
View CSAF: https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-134-15.json
Summary
SIMATIC S7 PLCs contain multiple vulnerabilities in the web server that could allow an attacker to perform cross-site scripting attacks. Siemens has released new versions for several affected products and recommends to update to the l
NVD CRITICAL: CVE-2026-25786 — Affected devices do not properly validate and sanitize PLC/station name rendered...
Affected devices do not properly validate and sanitize PLC/station name rendered on the "communication" parameters page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into the product, to inject malicious scripts into the page. If a benign user with appropriate rights accesses the "communication" parameters page, the malicious code wo