Chemical Transportation Incidents – Week of 5-2-26

Reporting Background 

See this post for explanation, with the most recent update here (removed from paywall). 

Data from PHMSA’s online database of transportation related chemical incidents that have been reported to the agency. 

Incidents Summary  

• Number of incidents – 486 (438 highway, 43 air, 5 rail, 0 water) 

• Serious incidents – 4 (3 Bulk release, 0 evacuation, 1 injury, 0 death, 0 major artery closed, 3 fire/explosion, 45 no release)  

• Largest container involved – 33,381.3-gal DOT 117R100W Railcar {Alcohols, N.O.S.} Drip leak from bottom cap. 

• Largest amount spilled – 343.8-gal Metal Drum {Resin Solution, Flammable} Load not blocked or chocked, drum crushed during transport. 

• Total amount reported spilled in all incidents – 1863.0-gal 

NOTE: Links above are to Form 5800.1 for the described incidents. 

Most Interesting Chemical: Zinc Chloride, Anhydrous: Zinc chloride is a white crystalline solid. It is soluble in water. It is corrosive to metals and therefore irritating to the skin, eyes and mucous membranes. It is used for preserving wood, in soldering fluxes, as a catalyst in chemical metals and manufacturing, and for many other uses. Water reactive, produces exotherm and strong acid. (Source: CameoChemicals.NOAA.gov).  

INSERT UN 2331 Placard 

BIS Sends Critical Technologies Controls IFR to OMB

 Yesterday, the OMB’s Office of Information and Regulatory Affairs (OIRA) announced that  it had received an interim final rule from DOC’s Bureau of Industry and Security (BIS) on “Critical Technologies Controls”. Data Privacy, Data Security, and Cybersecurity Technologies 

According to the Spring 2025 Unified Agenda entry for this rulemaking:  

“Section 1758 of the Export Control Reform Act of 2018 (ECRA), as codified under 50 U.S.C. 4817 [link added], authorizes BIS to establish appropriate controls on the export, reexport or transfer (in-country) of emerging and foundational technologies. This rule proposes changes based on Section 1758 technology controls.” 

It is too early to tell if this rulemaking will be covered in any detail, because the scope described above is so vague. The BIS web site lists the following technologies of potential interest here as being on the OSTP Critical and Emerging Technologies List (2024) 

• Biotechnologies,  

• Data Privacy, Data Security, and Cybersecurity Technologies,  

• Human-Machine Interfaces,  

• Quantum Information and Enabling Technologies, and  

• Space Technologies and Systems. 

Review – 5 Advisories and 2 Updates Published – 6-4-26

Today, CISA’s NCCIC-ICS published five control system security advisories for products from Hitachi Energy (3), B&R, and NAVTOR. They also updated two advisories for products from Schnieder Electric and Mitsubishi Electric. 

Advisories  

Hitachi Energy Advisory #1 - This advisory describes a heap-based buffer overflow vulnerability in their MACH HiDraw product. 

NOTE: I briefly discussed this vulnerability on May 31st, 2026. 

Hitachi Energy Advisory #2 - This advisory discusses seven vulnerabilities (one with publicly available exploit) in the Hitachi Energy RTU500 product. 

NOTE: I briefly discussed these vulnerabilities on June 1st, 2026. 

Hitachi Energy Advisory #3 - This advisory discusses two vulnerabilities in the Hitachi Energy ITT600 Explorer product. 

NOTE: I briefly discussed this vulnerability on May 31st, 2026. 

B&R Advisory - This advisory describes an allocation of resources without limit or throttling vulnerability in the B&R PPT30 Operating System. 

NAVTOR Advisory - This advisory describes a use of hard-coded credentials vulnerability in the NAVTOR NavBox product. 

Updates  

Schneider Update - This update provides additional information on the Modicon M340 Controller advisory that was originally published on August 26th, 2025.  

NOTE: I briefly mentioned on April 19th, 2026, the Schneider update upon which this update is based. 

Mitsubishi Update - This update provides additional information on the Iconics Digital Solutions advisory that was originally published on July 2nd, 2024, and most recently updated on April 7th, 2026. 

For more information on these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/5-advisories-and-2-updates-published-b03 - subscription required.