Powersystem Center 2020 CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-35504	1 Subnet Solutions	3 Powersystem Center 2020, Powersystem Center 2024, Powersystem Center 2026	2026-05-13	5.5 Medium
PowerSYSTEM Center email notification service is affected by a CRLF injection vulnerability when using SMTPS communication.
CVE-2026-33570	1 Subnet Solutions	1 Powersystem Center 2020	2026-05-13	5.7 Medium
PowerSYSTEM Center REST API endpoint for devices allows a low privilege authenticated user to access information normally limited by operational permissions.
CVE-2026-26289	1 Subnet Solutions	3 Powersystem Center 2020, Powersystem Center 2024, Powersystem Center 2026	2026-05-13	8.2 High
PowerSYSTEM Center REST API endpoint for device account export allows an authenticated user with limited permissions to expose sensitive information normally restricted to administrative permissions only.

Page 1 of 1.