CVE-2026-35078 | MBS Single-A prior 6_0_0_7 ugw-logstop file inclusion (VDE-2026-039)

A vulnerability identified as problematic has been detected in MBS Single-A, Double-A Profibus, Double-A x-link, Single-X, Double-X CAN, Double-X DALI, Double-X KNX, Double-X LON, Double-X M-Bus, Double-X PROFINET, Double-X x-link, Triple-X KNX+DALI, Triple-X KNX+LON, Triple-X KNX+M-Bus, Triple-X PROFINET+DALI, Triple-X PROFINET+KNX, Triple-X PROFINET+LON and Triple-X PROFINET+M-Bus. The impacted element is the function ugw-logstop. The manipulation leads to file inclusion.

This vulnerability is documented as CVE-2026-35078. The attack can be initiated remotely. There is not any exploit available.

You should upgrade the affected component.

CVE-2026-35078 | MBS Single-A prior 6_0_0_7 ugw-logstop file inclusion (VDE-2026-039)

Post correlati

CVE-2026-28376 | Grafana OSS up to 13.0.1+security-00 Live Push Endpoint allocation of resources

CVE-2025-9187 | Mozilla Firefox up to 141 memory corruption

CVE-2024-5700 | Mozilla Firefox up to 126 memory corruption

CVE-2025-43481 | Apple macOS up to 15.7.1 App sandbox