
CVE-2026-12569

KEV EPSS 1.1%
hype ACTIVE HACK · 88 hack

KEV confirmation, an official CISA statement, and multiple sources reporting active exploitation in the wild.

What: Remote code execution in PTC Windchill PDMLink and FlexPLM via improper input validation; the vulnerability is network-accessible and requires no authentication (CVSS 9.3, EPSS 0.5%).

Why it matters: KEV-listed 2026-06-25 with confirmed active exploitation in the wild. CISA formally added it to the Known Exploited Vulnerabilities catalog based on evidence of real-world abuse. No patch is available yet; vendors are issuing urgent restriction guidance.

Where it's seen: Multiple security feeds (OffSeq, CVESentinel, HackerNews) cite the CISA catalog addition and active exploitation. Defender chatter focuses on network segmentation and vendor update tracking. One post claims web shells were observed on login pages.

RISK: CRITICAL — KEV-listed, active in-the-wild exploitation, unauthenticated RCE, critical CVSS, no patch available.

Generated by claude-haiku-4-5 from public posts and authoritative metadata. AI can make mistakes — verify against vendor advisories before acting. 6/26/2026, 6:49:31 PM

No NVD details ingested for this CVE yet.