CVE-2026-4681
Critical Remote Code Execution vulnerability reported in Windchill
CVSS Score
0.0
EPSS Score
0.4%
EPSS Percentile
59th
A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data. This issue affects Windchill PDMLink: 11.0 M030, 11.1 M020, 11.2.1.0, 12.0.2.0, 12.1.2.0, 13.0.2.0, 13.1.0.0, 13.1.1.0, 13.1.2.0, 13.1.3.0; FlexPLM: 11.0 M030, 11.1 M020, 11.2.1.0, 12.0.0.0, 12.0.2.0, 12.0.3.0, 12.1.2.0, 12.1.3.0, 13.0.2.0, 13.0.3.0.
| CWE | CWE-94 |
| Vendor | ptc |
| Product | windchill pdmlink |
| Published | Mar 23, 2026 |
| Last Updated | Mar 24, 2026 |
Stay Ahead of the Next One
Get instant alerts for ptc windchill pdmlink
Be the first to know when new unknown vulnerabilities affecting ptc windchill pdmlink are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
PTC / Windchill PDMLink
11.0 M030 11.1 M020 11.2.1.0 12.0.2.0 12.1.2.0 13.0.2.0 13.1.0.0 13.1.1.0 13.1.2.0 13.1.3.0
PTC / FlexPLM
11.0 M030 11.1 M020 11.2.1.0 12.0.0.0 12.0.2.0 12.0.3.0 12.1.2.0 12.1.3.0 13.0.2.0 13.0.3.0