Vulnerability Details CVE-2026-2404
CWE-116 Improper Encoding or Escaping of Output vulnerability exists that could cause log injection and forged log when an attacker alters the POST /j_security check request payload.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.4%
CVSS Severity
CVSS v3 Score 5.3
Products affected by CVE-2026-2404
-
cpe:2.3:a:schneider-electric:powerchute_serial_shutdown:1.4