Critical Vulnerability in Siemens Opcenter X Allows Arbitrary JWT Forging
A critical vulnerability (CVE-2026-56451) with a CVSS score of 10 has been identified in Siemens Opcenter X versions prior to V2604. This vulnerability allows an unauthenticated remote attacker to forge arbitrary JSON Web Tokens (JWT), bypass authentication mechanisms, and impersonate any user, including administrative accounts. Immediate action is required to update affected systems.