CVE-2021-26828CISA KEVEPSS p98.4%

CVE-2021-26828OpenPLC ScadaBR Unrestricted Upload of File with Dangerous Type Vulnerability

OpenPLC / ScadaBR

Description

OpenPLC ScadaBR contains an unrestricted upload of file with dangerous type vulnerability that allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm.

Scoring

EPSS39.36% probability of exploitation · percentile 98.4% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2025-12-03

(incoming)1

TypeTargetConfidenceTier
KEVEntryOpenPLC ScadaBR Unrestricted Upload of File with Dangerous Type Vulnerabilitykev-cve-2021-268280%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
OpenPLC ScadaBR Cross-site Scripting Vulnerability
CVE
CVE-2025-1066
CVE
CVE-2025-14849
CVE
CVE-2026-8604
CVE
CVE-2026-8603
CVE
CVE-2026-21628
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.