CVE-2026-3509 | CODESYS Control RTE prior 3.5.22.0 format string (VDE-2026-018)

A vulnerability, which was classified as critical, has been found in CODESYS Control RTE, Control RTE SL, Control Win, Runtime Toolkit, Control for BeagleBone SL, Control for emPC-A, iMX6 SL, Control for IOT2000 SL, Control for Linux ARM SL, Control for Linux SL, Control for PFC100 SL, Control for PFC200 SL, Control for PLCnext SL, Control for Raspberry Pi SL, Control for WAGO Touch Panels 600 SL and Virtual Control SL. Affected is an unknown function. The manipulation leads to format string.

This vulnerability is listed as CVE-2026-3509. The attack may be initiated remotely. There is no available exploit.

It is advisable to upgrade the affected component.

CVE-2026-3509 | CODESYS Control RTE prior 3.5.22.0 format string (VDE-2026-018)

Post correlati

CVE-2023-52804 | Linux Kernel up to 6.6.2 db_maxag array index

CVE-2024-34367 | Popup Box Plugin up to 4.1.2 on WordPress cross-site request forgery

CVE-2024-4173 | Brocade SANnav up to 2.3.0 Kafka access control

CVE-2024-11420 | Blocksy Plugin up to 2.0.77 on WordPress cross site scripting