Product
A critical vulnerability, CVE-2026-56451, in Siemens Opcenter X versions prior to V2604 allows unauthenticated remote attackers to forge arbitrary JSON Web Tokens (JWTs) due to improper algorithm validation, leading to full authentication bypass, user impersonation including administrative accounts, and complete unauthorized access to the application.