CVE-2025-13970 | OpenPLC v3 Setting cross-site request forgery

December 13, 2025 Yanac

A vulnerability identified as problematic has been detected in OpenPLC v3. Affected by this issue is some unknown functionality of the component Setting Handler. The manipulation leads to cross-site request forgery.

This vulnerability is traded as CVE-2025-13970. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More

CVE-2025-14636 | Tenda AX9 22.03.01.46 httpd image_check weak hash
CVE-2025-67721 | airlift aircompressor up to 3.3 insertion of sensitive information into sent data (GHSA-vx9q-rhv9-3jvg)