๐Ÿ” CVE Alert

CVE-2026-8604

UNKNOWN 0.0

Cross-Site request forgery (CSRF) in ScadaBR

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

In ScadaBR version 1.2.0, a CSRF vulnerability could allow an attacker to trigger any authenticated action through a victim's session by luring any logged-in user to a malicious webpage.

CWE CWE-352
Vendor scadabr
Product scadabr
Published May 19, 2026
Last Updated May 19, 2026
Stay Ahead of the Next One

Get instant alerts for scadabr scadabr

Be the first to know when new unknown vulnerabilities affecting scadabr scadabr are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

ScadaBR / ScadaBR
1.2.0

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
cisa.gov: https://www.cisa.gov/news-events/ics-advisories/icsa-26-139-03

Credits

Arad Inbar, Nir Somech, Ben Grinberg, Daniel Lubel, Erez Cohen, and Adiel Sol of DREAM reported these vulnerabilities to CISA.