CVE-2026-8047 | CODESYS Control RTE 3.5.22.0 HTTP Request improper validation of specified quantity in input (VDE-2026-057)

May 26, 2026 Yanac

A vulnerability, which was classified as critical, has been found in CODESYS Control RTE, Control RTE SL, Control Win, HMI, Runtime Toolkit, Control for BeagleBone SL, Control for emPC-A, iMX6 SL, Control for IOT2000 SL, Control for Linux ARM SL, Control for Linux SL, Control for PFC100 SL, Control for PFC200 SL, Control for PLCnext SL, Control for Raspberry Pi SL, Control for WAGO Touch Panels 600 SL and Virtual Control SL 3.5.22.0. This issue affects some unknown processing of the component HTTP Request Handler. This manipulation causes improper validation of specified quantity in input.

This vulnerability is handled as CVE-2026-8047. The attack can be initiated remotely. There is not any exploit available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More