PatchSiren cyber security CVE debrief
CVE-2026-8464 Neuron Soft CVE debrief
CVE-2026-8464 is a HIGH-severity vulnerability in Golem OEE MES, with a CVSS score of 8.3. The issue, published on [cvePublishedAt], allows an unauthenticated attacker in the same local network to read arbitrary files from the server's operating system by manipulating HTTP request paths. The vulnerability has been fixed in version 11.6.0. For more information, see resourceLinkAnnotations with linkId: 'cve-org' and 'nvd'.
- Vendor
- Neuron Soft
- Product
- Golem OEE MES
- CVSS
- HIGH 8.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-11
- Original CVE updated
- 2026-06-11
- Advisory published
- 2026-06-11
- Advisory updated
- 2026-06-11
Who should care
Users of Golem OEE MES, especially those in environments where the system is exposed to local networks.
Technical summary
Unauthenticated path traversal vulnerability in Golem OEE MES, allowing attackers to read arbitrary files by manipulating HTTP request paths.
Defensive priority
HIGH
Recommended defensive actions
- Update Golem OEE MES to version 11.6.0 or later.
- Restrict access to the system to only trusted networks and users.
- Monitor system logs for suspicious activity.
Evidence notes
Vendor and product information is not fully confirmed, but the issue is publicly known and fixed.
Official resources
CVE-2026-8464 was published and CVE-2026-8464 was modified.