CVE-2026-2405

Published: Apr 14, 2026

Modified: Apr 14, 2026

PUBLISHED

Description

CWE-400 Uncontrolled Resource Consumption vulnerability exists that could cause excessive troubleshooting zip file creation and denial of service when a Web Admin user floods the system with POST /helpabout requests.

Vendor	Product	Versions
Schneider Electric	PowerChute™ Serial Shutdown	affected `Versions 1.4 and prior`

Weaknesses (CWE)

CWE-400

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-104-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-104-01.pdf

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-2405

Description

Affected Products

Weaknesses (CWE)

References