Schneider-electric Powerchute Serial Shutdown — known CVE vulnerabilities
Every CVE whose affected-product data names Schneider-electric Powerchute Serial Shutdown, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2026-2405 — CVSS 6.5 (medium): CWE-400 Uncontrolled Resource Consumption vulnerability exists that could cause excessive troubleshooting zip file creation and denial of…
CVE-2026-2399 — CVSS 6.1 (medium): CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause critical files…
CVE-2026-2402 — CVSS 5.3 (medium): CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists that would allow an attacker to gain access to the…
CVE-2026-2404 — CVSS 5.3 (medium): CWE-116 Improper Encoding or Escaping of Output vulnerability exists that could cause log injection and forged log when an attacker alters…
CVE-2026-2401 — CVSS 5.0 (medium): CWE-532 Insertion of Sensitive Information into Log File vulnerability exists that could cause confidential information to be exposed when…
CVE-2026-2403 — CVSS 4.3 (medium): CWE-1284 Improper Validation of Specified Quantity in Input vulnerability exists that could cause Event and Data Log truncation impacting…
CVE-2026-2400 — CVSS 4.3 (medium): CWE-93 Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability exists that could cause application user credentials to…