CVE-2026-25938 in FUXAinfo

Zusammenfassung

von MITRE • 10.02.2026

FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. From 1.2.8 through 1.2.10, an authentication bypass vulnerability in FUXA allows an unauthenticated, remote attacker to execute arbitrary code on the server when the Node-RED plugin is enabled. This has been patched in FUXA version 1.2.11.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

GitHub M

Reservieren

09.02.2026

Veröffentlichung

10.02.2026

Moderieren

akzeptiert

Eintrag

VDB-345079

CPE

bereit

CWE

CWE-290 (bestätigt)

CVSS

9.8 (NVD)

EPSS

0.00145

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-25938
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-25938
CVE Details	https://www.cvedetails.com/cve/CVE-2026-25938/

◂ Zurück Übersicht Weiter ▸

Do you need the next level of professionalism?

Upgrade your account now!