{"vulnerability": "CVE-2026-56451", "sightings": [{"uuid": "0aae6f45-46b6-4697-8d3c-ee1584906508", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56451", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116917864212446754", "content": "CVE-2026-56451 (CRITICAL, CVSS 10) in Siemens Opcenter X &lt;2604: Improper JWT signature validation allows remote attackers to bypass authentication &amp; impersonate users/admins. Restrict access &amp; monitor while awaiting patch. https://radar.offseq.com/threat/cve-2026-56451-cwe-347-improper-verification-of-cr-44aef26a03e69f33 #OffSeq #CVE202656451 #infosec #Siemens", "creation_timestamp": "2026-07-14T10:30:28.392596Z"}, {"uuid": "7d1bc98a-e477-4b4f-b8f1-9eef1e7f7bde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56451", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqlyt42e3r2x", "content": "CVE-2026-56451: Siemens Opcenter X (&lt;2604) has a CRITICAL flaw \u2014 attackers can forge JWTs and gain full access. Restrict exposure &amp; monitor activity until a fix is released. https://radar.offseq.com/threat/cve-2026-56451-cwe-347-improper-verification-of-cr-44aef26a03e69f33 #OffSeq #CVE202656451 #...", "creation_timestamp": "2026-07-14T10:30:30.304798Z"}, {"uuid": "8f01772f-3171-4b9c-9256-ef38698a683e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56451", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqlzhuqjjp2r", "content": "CVE-2026-56451\nOpcenter X versions prior to V2604 do not properly check JWT headers. This allows an attacker to create fake user identities, potentially gaining full access to the application. Update to version V2604 or later\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-14T10:42:07.025237Z"}, {"uuid": "68a985c1-6513-4ae7-80d4-1d3152e75054", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56451", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqm6neflbs27", "content": "CVE-2026-56451 - Opcenter X JWT Algorithm Confusion Vulnerability\nCVE ID : CVE-2026-56451\n \n Published : July 14, 2026, 10:16 a.m. | 1\u00a0hour, 14\u00a0minutes ago\n \n Description : A vulnerability has been identified in Opcenter X (All versions &lt; V2604). Affected applications do no...", "creation_timestamp": "2026-07-14T12:14:40.359839Z"}, {"uuid": "4d611b22-94f3-47d2-8525-9e55c6faa453", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-56451", "type": "seen", "source": "https://www.acn.gov.it/portale/w/aggiornamenti-per-prodotti-siemens-24", "content": "", "creation_timestamp": "2026-07-14T12:45:05.511195Z"}]}