VDB
CVE-2026-22645
CVE-2026-22645
PUBLISHED
CVSS 5.300000190734863 MEDIUM
The application discloses all used components, versions and license information to unauthenticated actors, giving attackers the opportunity to target known security vulnerabilities of used components.
EPSS 0.02% · 5.5th percentile
Risk Scores
CVSS v3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score
0.02%
5.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SICK AG | Incoming Goods Suite | 0, 0 |
| sick | incoming_goods_suite | 0, 0 |
Timeline
- Jan 15, 2026 CVE Published
- Jan 15, 2026 CVE Updated
- Jan 15, 2026 PoC Published
- Jan 16, 2026 EPSS Score
- Jan 19, 2026 EPSS Score
- Jan 22, 2026 EPSS Score
- Jan 25, 2026 EPSS Score
- Jan 27, 2026 EPSS Score
- Jan 30, 2026 EPSS Score
- Feb 2, 2026 EPSS Score
- Feb 5, 2026 EPSS Score
- Feb 8, 2026 EPSS Score
References
- https://sick.com/psirt url
- https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf url
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practices url
- https://www.first.org/cvss/calculator/3.1 url
- https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0002.json url
- https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0002.pdf vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-22645 advisory