Browse all 7 CVE security advisories affecting OpenPLC. AI-powered Chinese analysis, POCs, and references for each vulnerability.
OpenPLC serves as an open-source industrial control system for automation and SCADA applications, commonly deployed in manufacturing and critical infrastructure environments. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, with seven CVEs documented to date. The platform's web interface and communication protocols have been primary attack vectors, exposing systems to unauthorized access and manipulation. While no major public security incidents have been widely reported, the consistent discovery of critical vulnerabilities highlights ongoing security challenges in its architecture and implementation, necessitating rigorous hardening and continuous monitoring for production deployments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-53476 | OpenPLC security vulnerability — OpenPLC_v3, CWE-775 | 5.3 | Medium | 2025-10-07 |
| CVE-2025-1066 | CVE-2025-1066 — OpenPLC | 9.1 | - | 2025-02-05 |
| CVE-2024-36981 | OpenPLC buffer error vulnerability — OpenPLC_v3, CWE-125 | 7.5 | High | 2024-09-18 |
| CVE-2024-36980 | OpenPLC buffer error vulnerability — OpenPLC_v3, CWE-125 | 7.5 | High | 2024-09-18 |
| CVE-2024-34026 | OpenPLC security vulnerability — OpenPLC_v3, CWE-121 | 9.0 | Critical | 2024-09-18 |
| CVE-2024-39589 | OpenPLC code issue vulnerability — OpenPLC_v3, CWE-704 | 7.5 | High | 2024-09-18 |
| CVE-2024-39590 | OpenPLC code issue vulnerability — OpenPLC_v3, CWE-704 | 7.5 | High | 2024-09-18 |
This page lists every published CVE security advisory associated with OpenPLC. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.