WebAdmin Zip Generation DoS (CWE-400) CVE-2026-2405
CVE-2026-2405 Published on April 14, 2026
CWE-400 Uncontrolled Resource Consumption vulnerability exists that could cause excessive troubleshooting zip file creation and denial of service when a Web Admin user floods the system with POST /helpabout requests.
Weakness Type
What is a Resource Exhaustion Vulnerability?
The software does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
CVE-2026-2405 has been classified to as a Resource Exhaustion vulnerability or weakness.
Affected Versions
Schneider Electric PowerChute™ Serial Shutdown Version Versions 1.4 and prior is affected by CVE-2026-2405Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.