Threatscape

All the following vulnerabilities were discovered either by Positive Research experts or by automated security products from Positive Technologies, including MaxPatrol and PT Application Inspector.

Severity rating
Date
Vendor
Vulnerable systems
High7.7
CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

PT-2026-14: Integer underflow leads to Remote Code Execution in Yokogawa Centum VP

Vendor:Yokogawa Electric CorporationVulnerable product:Centum VPCVE ID:CVE-2025-1924BDU ID:BDU:2025-02823Fixed on:13 February 2026
High7.1
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

PT-2026-13: Process termination caused by the command with non-standard length of a data block in Yokogawa Centum VP

Vendor:Yokogawa Electric CorporationVulnerable product:Centum VPCVE ID:CVE-2025-48022BDU ID:BDU:2025-08839Fixed on:13 February 2026
High7.1
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

PT-2026-12: OOB memory read in a handler of the command in Yokogawa Centum VP

Vendor:Yokogawa Electric CorporationVulnerable product:Centum VPCVE ID:CVE-2025-48021BDU ID:BDU:2025-08838Fixed on:13 February 2026
High7.1
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

PT-2026-11: Process termination caused by a VnetIP message in Yokogawa Centum VP

Vendor:Yokogawa Electric CorporationVulnerable product:Centum VPCVE ID:CVE-2025-48023BDU ID:BDU:2025-08840Fixed on:13 February 2026
High7.1
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

PT-2026-10: Process termination caused by a VnetIP message in Yokogawa Centum VP

Vendor:Yokogawa Electric CorporationVulnerable product:Centum VPCVE ID:CVE-2025-48020BDU ID:BDU:2025-08837Fixed on:13 February 2026
High7.1
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

PT-2026-09: Process termination caused by a VnetIP message in Yokogawa Centum VP

Vendor:Yokogawa Electric CorporationVulnerable product:Centum VPCVE ID:CVE-2025-48019BDU ID:BDU:2025-08836Fixed on:13 February 2026
High8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L

PT-2026-08: Local Privilege Escalation Vulnerabilities in the Linux Kernel (Dirty Frag)

CVE ID:CVE-2026-43284 and CVE-2026-43500BDU ID:BDU:2026-06439 and BDU:2026-06470
High8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

PT-2026-07: Local Privilege Escalation Vulnerability in the Linux Kernel (Copy Fail)

CVE ID:CVE-2026-31431BDU ID:BDU:2026-06123
High8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

PT-2026-03: Access Control Violation Vulnerability in PT NGFW

Vendor:Positive TechnologiesVulnerable product:PT NGFWBDU ID:BDU:2026-02528
High7
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N

PT-2025-99: Deserialization of untrusted data in FreeScout

Vendor:FreeScoutVulnerable product:FreeScoutBDU ID:BDU:2025-13048Fixed on:19 July 2025
  • ...

Thinking about the best way to protect your company?

Contact us.

During the consultation we'll propose a solution precisely tailored to your organization.

 

General questions
We're happy to answer any questions you may have.
Partnership
Join us in making the world a safer place.
Request a pilot
Test drive our solutions with a customized pilot program.