High severityNVD Advisory· Published May 6, 2026· Updated May 6, 2026
CVE-2026-21661
CVE-2026-21661
Description
Uncontrolled Search Path Element vulnerability in JohnsonControls AC2000 on Windows allows Leveraging/Manipulating Configuration File Search Paths.
This issue affects AC2000: from 10.6 before release 10, from 11.0 before release 9, from 12 before release 3.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
1- Johnson Controls CEM AC2000CISA Alerts