CRITICAL
PTC
CVE published 2026-03-26
CVE-2026-4681
CVE-2026-4681 is a critical remote code execution vulnerability affecting PTC Windchill PDMLink and PTC FlexPLM. The CISA CSAF advisory states the issue may be exploited through deserialization of untrusted data and assigns a CVSS v3.1 score of 10.0. CISA’s record republishes PTC’s CS466318 and notes workaround guidance is available while PTC develops a fix. Publicly accessible Windchill systems are calle [truncated]