VDB
CVE-2026-22646
CVE-2026-22646
PUBLISHED
CVSS 4.300000190734863 MEDIUM
Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information (like file paths, database errors, or software versions) that can be used to map the application's internal structure and discover other, more critical vulnerabilities.
EPSS 0.02% · 6.5th percentile
Risk Scores
CVSS 3.1
4.300000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS Score
0.02%
6.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| sick | incoming_goods_suite | 0, 0 |
| SICK AG | Incoming Goods Suite | 0, 0 |
Exploit Intelligence
- CIRCL seen: CVE-2026-22646 (circl-sighting)
- https://sick.com/psirt (circl)
- https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf (circl)
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practices (circl)
- https://www.first.org/cvss/calculator/3.1 (circl)
- https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0002.json (circl)
- https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0002.pdf (circl)
Timeline
- Jan 15, 2026 CVE Published
- Jan 15, 2026 PoC Published
- Jan 16, 2026 EPSS Score
- Jan 19, 2026 EPSS Score
- Jan 22, 2026 EPSS Score
- Jan 25, 2026 EPSS Score
- Jan 28, 2026 EPSS Score
- Jan 30, 2026 EPSS Score
- Jan 30, 2026 CVE Updated
- Feb 2, 2026 EPSS Score
- Feb 5, 2026 EPSS Score
- Feb 8, 2026 EPSS Score
References
- https://sick.com/psirt url
- https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf url
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practices url
- https://www.first.org/cvss/calculator/3.1 url
- https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0002.json url
- https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0002.pdf vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-22646 advisory