CISA Flags Critical PTC Vulnerability That Had German Police Mobilized CISA has warned U.S. organizations about a critical deserialization vulnerability in PTC’s Windchill and FlexPLM products that can allow remote, unauthenticated attackers to execute arbitrary code. PTC has not released patches yet but has provided mitigations and IoCs, while German authorities’ unprecedented physical alerts suggest exploitation may be imminent. #CVE-2026-4681 #Windchill...

CISA warns of a critical deserialization vulnerability (CVE-2026-4681) in PTC Windchill and FlexPLM that allows remote code execution without authentication. German police have issued physical alerts. #PTCFlaw #Germany #RemoteCode