Browse all 5 CVE security advisories affecting OpenPLC_V3. AI-powered Chinese analysis, POCs, and references for each vulnerability.
OpenPLC_V3 serves as an open-source industrial control system for automation and SCADA applications, commonly deployed in manufacturing and critical infrastructure. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues due to insufficient input validation and authentication mechanisms. The platform's five recorded CVEs highlight recurring weaknesses in web interfaces and communication protocols, with some instances allowing unauthenticated attackers to execute arbitrary commands or bypass security controls. While no major public incidents have been widely documented, the consistent pattern of vulnerabilities suggests a need for rigorous hardening measures before deployment in security-sensitive environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-35063 | Missing Authorization in OpenPLC_V3 — OpenPLC_V3CWE-862 | 8.8AI | HighAI | 2026-04-09 |
| CVE-2026-35556 | Plaintext storage of a password in OpenPLC_V3 — OpenPLC_V3CWE-256 | 9.8AI | CriticalAI | 2026-04-09 |
| CVE-2026-28205 | Initialization of a resource with an insecure default in OpenPLC_V3 — OpenPLC_V3CWE-1188 | 9.8AI | CriticalAI | 2026-04-09 |
| CVE-2025-13970 | OpenPLC_V3 Cross-Site Request Forgery — OpenPLC_V3CWE-352 | 8.0 | High | 2025-12-13 |
| CVE-2025-54811 | OpenPLC_V3 — OpenPLC_V3CWE-758 | 7.1 | High | 2025-10-01 |
This page lists every published CVE security advisory associated with OpenPLC_V3. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.