Signal

Critical vulnerabilities disclosed in Red Hat OpenShift AI, Apache IoTDB, and OpenPLC v3

Evidence first: scan the strongest sources, then decide whether to go deeper.

Published 2026-07-11 02:00 UTCUpdated 2026-07-11 02:00 UTC
rss
cvevulnerabilitycriticalpatchindustrial_control_systemscloud_security
Trend in the last 24h
Current brief openSource links open
This current signal is open on the public brief with summary, metadata, source links, and full evidence. Pro adds compare-over-time, alerts, exports, and workflow.
No card needed for the free brief.
Evidence trail (top sources)
top sources (3 domains)domains are deduped. counts indicate coverage, not truth.
3 top sources shown
Critical vulnerability in OpenPLC v3
NCSC-FI - Vulnerabilities · cisa.gov · 2026-07-11 02:00 UTC
Multiple critical vulnerabilities in Apache IoTDB
NCSC-FI - Vulnerabilities · lists.apache.org · 2026-07-11 02:00 UTC
NCSC-FI - Vulnerabilities RSS
access.redhat.com · access.redhat.com · 2026-07-11 02:00 UTC
Overview

Three critical security vulnerabilities have been reported in widely used software platforms. Red Hat OpenShift AI's guardrails-detectors component is vulnerable to blind SSRF via crafted XML Schema Definition strings (CVE-2026-15378).

Entities
Red HatApacheOpenPLCOpenShift AIIoTDB
Score total
1.05
Momentum 24h
3
Posts
3
Origins
3
Source types
1
Duplicate ratio
0%
Why now
  • The vulnerabilities were disclosed recently with some patches already available, emphasizing urgent remediation.
  • OpenPLC v3 remains unpatched, posing ongoing risk to industrial control systems.
  • Awareness enables organizations to prioritize updates and reduce exposure to active threats.
Why it matters
  • These vulnerabilities affect critical infrastructure and cloud platforms widely used in enterprise and industrial environments.
  • Successful exploitation could lead to remote code execution, data exposure, or system compromise.
  • Timely patching is essential to mitigate risks from these high-severity flaws.
LLM analysis
Topic mix: lowPromo risk: lowSource quality: medium
Recurring claims
  • Red Hat OpenShift AI has a critical blind SSRF vulnerability exploitable via crafted XML Schema Definition strings.
  • Apache IoTDB suffers multiple critical vulnerabilities including arbitrary class instantiation, path traversal, and authorization bypass.
  • OpenPLC v3 has a critical vulnerability allowing authenticated attackers to write arbitrary files and escalate to native code execution.
How sources frame it
  • NCSC-FI - Vulnerabilities: neutral
This briefing highlights critical vulnerabilities across cloud AI, IoT database, and industrial control software with varying patch availability.
All evidence
All evidence
Critical vulnerability in OpenPLC v3
NCSC-FI - Vulnerabilities · cisa.gov · 2026-07-11 02:00 UTC
NCSC-FI - Vulnerabilities RSS
access.redhat.com · access.redhat.com · 2026-07-11 02:00 UTC
Multiple critical vulnerabilities in Apache IoTDB
NCSC-FI - Vulnerabilities · lists.apache.org · 2026-07-11 02:00 UTC
Show filters & breakdown
Posts loaded: 0Publishers: 2Origin domains: 3Duplicates: -
Showing 3 / 0
Top publishers (this list)
  • NCSC-FI - Vulnerabilities (2)
  • access.redhat.com (1)
Top origin domains (this list)
  • cisa.gov (1)
  • access.redhat.com (1)
  • lists.apache.org (1)