Critical Airleader Vulnerability Enables Remote Code Execution Attacks

Severity: High (Score: 72.6)

Sources: Cybersecuritynews, Cyberpress

Summary

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) disclosed a critical vulnerability in the Airleader industrial control system on February 12, 2026. Assigned CVE-2026-1358, the flaw has a CVSS v3 score of 9.8 and affects all versions of Airleader, potentially allowing remote code execution attacks across multiple critical infrastructure sectors.

Key Entities

• Zero-day Exploit (attack_type)
• CVE-2026-1358 (cve)
• Airleader (platform)
• Airleader Flaw (vulnerability)