A vulnerability has been identified in Mendix Studio Pro 10.11 (All versions), Mendix Studio Pro 10.12 (All versions), Mendix Studio Pro 10.13 (All versions), Mendix Studio Pro 10.14 (All versions), Mendix Studio Pro 10.15 (All versions), Mendix Studio Pro 10.16 (All versions), Mendix Studio Pro 10.17 (All versions), Mendix Studio Pro 10.18 (All versions), Mendix Studio Pro 10.19 (All versions), Mendix Studio Pro 10.20 (All versions), Mendix Studio Pro 10.21 (All versions), Mendix Studio Pro 10.22 (All versions), Mendix Studio Pro 10.23 (All versions), Mendix Studio Pro 10.24 (All versions < V10.24.21), Mendix Studio Pro 11.0 (All versions), Mendix Studio Pro 11.1 (All versions), Mendix Studio Pro 11.10 (All versions), Mendix Studio Pro 11.11 (All versions), Mendix Studio Pro 11.2 (All versions), Mendix Studio Pro 11.3 (All versions), Mendix Studio Pro 11.4 (All versions), Mendix Studio Pro 11.5 (All versions), Mendix Studio Pro 11.6 (All versions < V11.6.7), Mendix Studio Pro 11.7 (All versions), Mendix Studio Pro 11.8 (All versions), Mendix Studio Pro 11.9 (All versions). Affected versions of Mendix Studio Pro do not properly validate or sanitize project files processed during the build pipeline.
This could allow an attacker who tricks a user into opening and running a specially crafted malicious project locally on their system to execute arbitrary code in the context of that user.
Metrics
Affected Vendors & Products
References
History
Wed, 01 Jul 2026 10:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Siemens
Siemens mendix Studio Pro 10.11 Siemens mendix Studio Pro 10.12 Siemens mendix Studio Pro 10.13 Siemens mendix Studio Pro 10.14 Siemens mendix Studio Pro 10.15 Siemens mendix Studio Pro 10.16 Siemens mendix Studio Pro 10.17 Siemens mendix Studio Pro 10.18 Siemens mendix Studio Pro 10.19 Siemens mendix Studio Pro 10.20 Siemens mendix Studio Pro 10.21 Siemens mendix Studio Pro 10.22 Siemens mendix Studio Pro 10.23 Siemens mendix Studio Pro 10.24 Siemens mendix Studio Pro 11.0 Siemens mendix Studio Pro 11.1 Siemens mendix Studio Pro 11.10 Siemens mendix Studio Pro 11.11 Siemens mendix Studio Pro 11.2 Siemens mendix Studio Pro 11.3 Siemens mendix Studio Pro 11.4 Siemens mendix Studio Pro 11.5 Siemens mendix Studio Pro 11.6 Siemens mendix Studio Pro 11.7 Siemens mendix Studio Pro 11.8 Siemens mendix Studio Pro 11.9 |
|
| Vendors & Products |
Siemens
Siemens mendix Studio Pro 10.11 Siemens mendix Studio Pro 10.12 Siemens mendix Studio Pro 10.13 Siemens mendix Studio Pro 10.14 Siemens mendix Studio Pro 10.15 Siemens mendix Studio Pro 10.16 Siemens mendix Studio Pro 10.17 Siemens mendix Studio Pro 10.18 Siemens mendix Studio Pro 10.19 Siemens mendix Studio Pro 10.20 Siemens mendix Studio Pro 10.21 Siemens mendix Studio Pro 10.22 Siemens mendix Studio Pro 10.23 Siemens mendix Studio Pro 10.24 Siemens mendix Studio Pro 11.0 Siemens mendix Studio Pro 11.1 Siemens mendix Studio Pro 11.10 Siemens mendix Studio Pro 11.11 Siemens mendix Studio Pro 11.2 Siemens mendix Studio Pro 11.3 Siemens mendix Studio Pro 11.4 Siemens mendix Studio Pro 11.5 Siemens mendix Studio Pro 11.6 Siemens mendix Studio Pro 11.7 Siemens mendix Studio Pro 11.8 Siemens mendix Studio Pro 11.9 |
Tue, 30 Jun 2026 16:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Local Code Execution via Unsanitized Project Files in Mendix Studio Pro |
Tue, 30 Jun 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 30 Jun 2026 15:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability has been identified in Mendix Studio Pro 10.11 (All versions), Mendix Studio Pro 10.12 (All versions), Mendix Studio Pro 10.13 (All versions), Mendix Studio Pro 10.14 (All versions), Mendix Studio Pro 10.15 (All versions), Mendix Studio Pro 10.16 (All versions), Mendix Studio Pro 10.17 (All versions), Mendix Studio Pro 10.18 (All versions), Mendix Studio Pro 10.19 (All versions), Mendix Studio Pro 10.20 (All versions), Mendix Studio Pro 10.21 (All versions), Mendix Studio Pro 10.22 (All versions), Mendix Studio Pro 10.23 (All versions), Mendix Studio Pro 10.24 (All versions < V10.24.21), Mendix Studio Pro 11.0 (All versions), Mendix Studio Pro 11.1 (All versions), Mendix Studio Pro 11.10 (All versions), Mendix Studio Pro 11.11 (All versions), Mendix Studio Pro 11.2 (All versions), Mendix Studio Pro 11.3 (All versions), Mendix Studio Pro 11.4 (All versions), Mendix Studio Pro 11.5 (All versions), Mendix Studio Pro 11.6 (All versions < V11.6.7), Mendix Studio Pro 11.7 (All versions), Mendix Studio Pro 11.8 (All versions), Mendix Studio Pro 11.9 (All versions). Affected versions of Mendix Studio Pro do not properly validate or sanitize project files processed during the build pipeline. This could allow an attacker who tricks a user into opening and running a specially crafted malicious project locally on their system to execute arbitrary code in the context of that user. | |
| Weaknesses | CWE-94 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: siemens
Published: 2026-06-30T14:30:59.828Z
Updated: 2026-06-30T15:05:37.197Z
Reserved: 2026-05-21T08:13:02.100Z
Link: CVE-2026-48192
Updated: 2026-06-30T15:05:33.355Z
No data.
No data.