CVE-2025-26381 | Johnson Controls OpenBlue Mobile Web Application direct request (icsa-25-338-03)

Inserito da Angelo Barbosa | Dic 5, 2025 | CVE

A vulnerability classified as problematic was found in Johnson Controls OpenBlue Mobile Web Application. This affects an unknown function. Executing manipulation can lead to direct request.

The identification of this vulnerability is CVE-2025-26381. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is advised.

CVE-2025-26381 | Johnson Controls OpenBlue Mobile Web Application direct request (icsa-25-338-03)

Post correlati

CVE-2024-11032 | Parsi Date Plugin up to 5.1.1 on WordPress add_query_arg cross site scripting

CVE-2024-10176 | Compact WP Audio Player Plugin up to 1.9.13 on WordPress Shortcode sc_embed_player cross site scripting

CVE-2025-26311 | libming 0.4.8 SWF File util/parser.c parseSWF_CLIPACTIONS memory leak (Issue 329)

CVE-2024-38221 | Microsoft Edge up to 128.0.2739.42 cross site scripting