CVE-2026-4681

Vulnerability Description

A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data. This issue affects Windchill PDMLink: 11.0 M030, 11.1 M020, 11.2.1.0, 12.0.2.0, 12.1.2.0, 13.0.2.0, 13.1.0.0, 13.1.1.0, 13.1.2.0, 13.1.3.0; FlexPLM: 11.0 M030, 11.1 M020, 11.2.1.0, 12.0.0.0, 12.0.2.0, 12.0.3.0, 12.1.2.0, 12.1.3.0, 13.0.2.0, 13.0.3.0.

Related Weaknesses (CWE)

CWE-94

References

https://www.ptc.com/en/about/trust-center/advisory-center/active-advisories/wind

FAQ

What is CVE-2026-4681?

CVE-2026-4681 is a documented vulnerability. A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data. This issue a...

How severe is CVE-2026-4681?

CVSS scoring is not yet available for CVE-2026-4681. Check NVD for updates.

Is there a patch for CVE-2026-4681?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.