GHSA-f345-wxwr-fxfhCriticalCVSS 9.8

A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill PDMlink...

Published
June 18, 2026
Last Modified
June 26, 2026

🔗 CVE IDs covered (1)

📋 Description

A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill PDMlink and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data.  * This advisory also applies to all CPS versions

  • The identified vulnerability also impacts Windchill and FlexPLM releases prior to 11.0 M030

🔗 References (4)