{"vulnerability": "CVE-2026-10521", "sightings": [{"uuid": "efcde825-cd05-4af0-a2cc-f4cfe1462bd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10521", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/116798271507262478", "content": "#OT #Advisory VDE-2026-068MB connect line: Authenticated unintended access to critical program parameters in mbCONNECT24/mymbCONNECT24\nThere is a vulnerability in mbCONNECT24/mymbCONNECT24 that allows an authenticated remote attacker to access a hidden configuration method, that should not be accessible by any user, to modify critical program parameters.#CVE CVE-2026-10521\nhttps://certvde.com/en/advisories/vde-2026-068/\n#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-068.json", "creation_timestamp": "2026-06-23T07:36:29.174103Z"}, {"uuid": "7740c096-e274-461a-832e-2cd13c133e10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10521", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/116798307883543003", "content": "#OT #Advisory VDE-2026-070Helmholz: Authenticated unintended access to critical program parameters in myREX24V2/myREX24V2.virtual\nThere is a vulnerability in myREX24V2/myREX24V2.virtual that allows an authenticated remote attacker to access a hidden configuration method, that should not be accessible by any user, to modify critical program parameters.#CVE CVE-2026-10521\nhttps://certvde.com/en/advisories/vde-2026-070/\n#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-070.json", "creation_timestamp": "2026-06-23T07:45:43.319734Z"}, {"uuid": "26704caa-67d1-4dfd-8652-5f89da3a23d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10521", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moxbtbxh4y2q", "content": "CVE-2026-10521 - Authenticated unintended access to critical program parameters\nCVE ID : CVE-2026-10521\n \n Published : 23 juin 2026 07:34 | 2\u00a0heures, 9\u00a0minutes ago\n \n Description : An high privileged remote attacker can access a hidden configuration method, that should not be ...", "creation_timestamp": "2026-06-23T11:20:33.634650Z"}, {"uuid": "5971fe8c-aab2-47d8-8d84-9b894d2a2b18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10521", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116799310216975861", "content": "CVE-2026-10521 (HIGH, CVSS 8.6) in mbCONNECT24: Remote attackers with high privileges can access hidden configs, risking full system compromise. No patch yet \u2014 restrict access & monitor vendor updates. https://radar.offseq.com/threat/cve-2026-10521-cwe-425-direct-request-forced-brows-d20bd7167efa941e #OffSeq #Vulnerability #ICS #Security", "creation_timestamp": "2026-06-23T12:00:38.718609Z"}, {"uuid": "8704278a-1132-4fdc-a900-0e3997fb3f55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10521", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3moxe2yd2da2o", "content": "CVE-2026-10521: HIGH severity flaw in MB connect line mbCONNECT24 lets privileged attackers access hidden config methods, risking total system compromise. No patch \u2014 restrict access, monitor advisories. https://radar.offseq.com/threat/cve-2026-10521-cwe-425-direct-request-forced-brows-d20bd7167ef...", "creation_timestamp": "2026-06-23T12:00:39.570684Z"}]}