CVE-2026-1227 | Schneider Electric EcoStruxure Building Operation Workstation TGML Graphics File xml external entity reference (SEVD-2026-041-02)

A vulnerability, which was classified as problematic, has been found in Schneider Electric EcoStruxure Building Operation Workstation and EcoStruxure Building Operation Webstation. Affected by this vulnerability is an unknown functionality of the component TGML Graphics File Handler. The manipulation leads to xml external entity reference.

This vulnerability is documented as CVE-2026-1227. The attack can be initiated remotely. There is not any exploit available.

It is suggested to install a patch to address this issue.

CVE-2026-1227 | Schneider Electric EcoStruxure Building Operation Workstation TGML Graphics File xml external entity reference (SEVD-2026-041-02)

Post correlati

CVE-2025-21122 | Adobe Photoshop Desktop up to 25.12/26.1 integer underflow (apsb25-02)

CVE-2025-12860 | DedeBIZ up to 6.3.2 /admin/freelist_main.php orderby sql injection

CVE-2025-5008 | projectworlds Online Time Table Generator 1.0 /admin/add_teacher.php sql injection

CVE-2024-6263 | WP Lightbox 2 up to 3.0.6.6 on WordPress cross site scripting