High severityNVD Advisory· Published May 12, 2026· Updated May 12, 2026

CVE-2026-35227

Description

An unauthenticated remote attacker may exhaust all available TCP connections in the CODESYS Modbus TCP Server stack if a race condition in connection handling is successfully exploited, preventing legitimate clients from establishing new connections.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

certvde.com/de/advisories/VDE-2026-042nvd

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000