VDB
CVE-2026-44411
CVE-2026-44411
PUBLISHED
CVSS 7.800000190734863 HIGH
Solid Edge SE2026 before Update 5 is affected by two file parsing vulnerabilities that could be triggered when the application reads specially crafted files in PAR format. This could allow an attacker to crash the application or execute arbitrary code. Siemens has released a new version for Solid Edge SE2026 and recommends to update to the latest version. The following versions of Siemens Solid Edge are affected: Solid Edge vers:intdot/ CVSS Vendor Equipment Vulnerabilities v3 7.8 Siemens Siemens Solid Edge Access of Uninitialized Pointer, Stack-based Buffer Overflow Background Critical Infrastructure Sectors: Critical Manufacturing Countries/Areas Deployed: Worldwide Company Headquarters Location: Germany
EPSS 0.02% · 4.0th percentile
Risk Scores
CVSS v3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
0.02%
4.0th percentile
Timeline
- May 12, 2026 CVE Published
- May 12, 2026 PoC Published
- May 12, 2026 PoC Published
- May 13, 2026 Security Advisory
- May 18, 2026 EPSS Score
- May 19, 2026 EPSS Score
- May 20, 2026 EPSS Score
- May 21, 2026 EPSS Score
- May 22, 2026 EPSS Score
- May 23, 2026 EPSS Score
- May 24, 2026 EPSS Score
- May 25, 2026 EPSS Score
References
- https://www.cisa.gov/news-events/ics-advisories/icsa-26-134-03 advisory
- https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-134-03.json advisory
- https://www.cve.org/CVERecord?id=CVE-2026-44411 technical
- https://support.sw.siemens.com/product/246738425/ vendor
- https://cwe.mitre.org/data/definitions/824.html technical
- https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H technical
- https://www.cve.org/CVERecord?id=CVE-2026-44412 technical
- https://cwe.mitre.org/data/definitions/121.html technical