Code Execution Risk in Mendix Studio Pro by Mendix
CVE-2026-48192

6.8 MEDIUM

What is CVE-2026-48192?

A security issue has been identified in various versions of Mendix Studio Pro: improper validation and sanitization of project files during the build process can lead to code execution. An attacker may exploit this flaw by tricking a user into executing a specially crafted project file on their local system, which runs arbitrary code with that user's privileges. Users are advised to update to supported versions to mitigate this risk.

Affected Version(s)

Mendix Studio Pro 10.11 0

Mendix Studio Pro 10.12 0

Mendix Studio Pro 10.13 0

CVSS V4

Score: 6.8
Severity: MEDIUM
Confidentiality: None
Integrity: High
Availability: None
Attack Vector: Network
Attack Complexity: High
Attack Required: None
Privileges Required: Undefined
User Interaction: Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved
