CISA Adds PTC Windchill RCE Flaw to KEV Catalog

CISA added a critical remote code execution vulnerability, CVE-2026-12569, impacting PTC Windchill PDMlink and FlexPLM to its Known Exploited Vulnerabilities catalog due to active exploitation. Attackers are deploying JSP web shells via deserialization of untrusted data. Patches were released last week.