๐Ÿ” CVE Alert

CVE-2026-21661

UNKNOWN 0.0

AC2000 Uncontrolled Search Path Element

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

Uncontrolled Search Path Element vulnerability in JohnsonControls AC2000 on Windows allows Leveraging/Manipulating Configuration File Search Paths. This issue affects AC2000: from 10.6 before release 10, from 11.0 before release 9, from 12 before release 3.

CWE CWE-427
Vendor johnsoncontrols
Product ac2000
Published May 6, 2026
Stay Ahead of the Next One

Get instant alerts for johnsoncontrols ac2000

Be the first to know when new unknown vulnerabilities affecting johnsoncontrols ac2000 are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

JohnsonControls / AC2000
10.6 < release 10 11.0 < release 9 12 < release 3

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
johnsoncontrols.com: https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories