High severity8.2NVD Advisory· Published May 12, 2026· Updated May 13, 2026
CVE-2026-26289
CVE-2026-26289
Description
PowerSYSTEM Center REST API endpoint for device account export allows an authenticated user with limited permissions to expose sensitive information normally restricted to administrative permissions only.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
2News mentions
1- Subnet Solutions PowerSYSTEM CenterCISA ICS Advisories