CVE-2026-22918 | THREATINT

Description

An attacker may exploit missing protection against clickjacking by tricking users into performing unintended actions through maliciously crafted web pages, leading to the extraction of sensitive data.

PUBLISHED Reserved 2026-01-13 | Published 2026-01-15 | Updated 2026-01-15 | Assigner SICK AG

MEDIUM: 4.3CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Problem types

CWE-1021 Improper Restriction of Rendered UI Layers or Frames

Product status

Default status

affected

all versions (custom)

affected

References

sick.com/psirt

www.sick.com/...lines_cybersecurity_by_sick_en_im0106719.pdf

www.cisa.gov/...es-tools/resources/ics-recommended-practices

www.first.org/cvss/calculator/3.1

www.sick.com/.well-known/csaf/white/2026/sca-2026-0001.json

www.sick.com/.well-known/csaf/white/2026/sca-2026-0001.pdf vendor-advisory

cve.org (CVE-2026-22918)

nvd.nist.gov (CVE-2026-22918)

Download JSON