CVE-2026-2401
Published Apr 14, 2026
·Updated
CWE-532 Insertion of Sensitive Information into Log File vulnerability exists that could cause confidential information to be exposed when a Web Admin user executes a malicious file provided by an attacker.
Affected Software
1 affected component
Schneider-electric Powerchute Serial Shutdown<1.5
Event History
Apr 14, 2026
CVE Published
via MITRE·03:24 PM
Data Sourced
via MITRE·03:24 PM
DescriptionWeakness
Data Sourced
via NVD·04:16 PM
DescriptionSeverityWeaknessAffected Software
Frequently Asked Questions
1
What is the severity of CVE-2026-2401?
CVE-2026-2401 is considered a critical severity vulnerability due to the potential exposure of confidential information.
2
How do I fix CVE-2026-2401?
To mitigate CVE-2026-2401, ensure that you update Schneider Electric PowerChute Serial Shutdown to the latest version beyond 1.5.
3
Who is affected by CVE-2026-2401?
CVE-2026-2401 affects users of Schneider Electric PowerChute Serial Shutdown versions prior to 1.5.
4
What type of vulnerability is CVE-2026-2401?
CVE-2026-2401 is an insertion of sensitive information into log file vulnerability.
5
Can CVE-2026-2401 lead to data breaches?
Yes, CVE-2026-2401 can lead to data breaches as it may expose confidential information when exploited.