vulnerability context

CVE-2026-12569

CISA KEV - actively exploitedEPSS 56%CWE-20OTX 9 pulses

A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill PDMlink and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data. * This advisory also applies to all CPS versions * The identified vulnerability also impacts Windchill and FlexPLM releases prior to 11.0 M030

Published 2026-06-18 · last modified 2026-06-25

details

CISA KEV status: In catalog - actively exploited
EPSS: 56% percentile (score 0.0093)
CWE: CWE-20
OTX pulses: 9 total, 0 recent

View on NVD → · cve.org

source mentions 2

[CVESentinel] 🛑 CVE-2026-12569 PTC Windchill and FlexPLM CVSS 9.3 / EPSS 0% / KEV ✅ TL;DR: A critical remote code execution (...Bluesky · 1d ago
CISA Adds Two Known Exploited Vulnerabilities to CatalogCISA Alerts · 1d ago

source consensus

Bluesky1×
CISA Alerts1×

Want the 3-bullet summary of CVE-2026-12569, plus webhook alerts when KEV is updated? Pro is $10/mo.

Open in reader See Pro →