ScadaBR – Multiple Vulnerabilities

28/05/2026

Multiple vulnerabilities affect ScadaBR. Tenable was unsuccessful in contacting the project. Recent publications indicate similar difficulty.

CVE-2026-9645 Authenticated Remote Code Execution (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)

Exposed methods allow authenticated users to create and execute arbitrary JavaScript code on the server. The scripts execute with full access, enabling complete system compromise as commands are executed as root.

CVE-2026-9646 Unauthenticated Reflected Cross-Site Scripting (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

A reflected cross-site scripting issue exists in URL handling.

Ben Smith Thu, 05/28/2026 – 13:31
– Read more

Monday	08:00 - 17:00
Tuesday	08:00 - 17:00
Wednesday	08:00 - 17:00
Thursday	08:00 - 17:00
Friday	08:00 - 17:00

ScadaBR – Multiple Vulnerabilities

Latest article

Metasploit Wrap Up 05/29/2026

Dexcom Warns Stolen G7 Glucose Sensors May Pose Infection, Reading Risks

DNS-AID will make AI agents easier to discover, says Linux Foundation

Ransomware Uses SYSTEM Scheduled Task to Encrypt Local Drives With Elevated Privileges

EDITOR PICKS

Metasploit Wrap Up 05/29/2026

Dexcom Warns Stolen G7 Glucose Sensors May Pose Infection, Reading Risks

DNS-AID will make AI agents easier to discover, says Linux Foundation

POPULAR POSTS

Threats to users of adult websites in 2018

The World’s Most Popular Coding Language Happens to be Most Hackers’...

IT threat evolution Q2 2019

POPULAR CATEGORY

Metasploit Wrap Up 05/29/2026

Dexcom Warns Stolen G7 Glucose Sensors May Pose Infection, Reading Risks

DNS-AID will make AI agents easier to discover, says Linux Foundation