CVE-2026-4681
Published: Mar 23, 2026
Modified: Mar 24, 2026
Description
A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data. This issue affects Windchill PDMLink: 11.0 M030, 11.1 M020, 11.2.1.0, 12.0.2.0, 12.1.2.0, 13.0.2.0, 13.1.0.0, 13.1.1.0, 13.1.2.0, 13.1.3.0; FlexPLM: 11.0 M030, 11.1 M020, 11.2.1.0, 12.0.0.0, 12.0.2.0, 12.0.3.0, 12.1.2.0, 12.1.3.0, 13.0.2.0, 13.0.3.0.
| Vendor | Product | Versions |
|---|---|---|
PTC | Windchill PDMLink | affected 11.0 M030affected 11.1 M020affected 11.2.1.0affected 12.0.2.0affected 12.1.2.0+5 more versions |
PTC | FlexPLM | affected 11.0 M030affected 11.1 M020affected 11.2.1.0affected 12.0.0.0affected 12.0.2.0+5 more versions |
Weaknesses (CWE)
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now