CVE-2026-28726
published 2026-03-06CVE-2026-28726: Sensitive information disclosure due to improper access control. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build…
PriorityP421medium4.3CVSS 3.0
AVNACLPRLUINSUCLINAN
EPSS
0.18%
7.5th percentile
Sensitive information disclosure due to improper access control. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| acronis | acronis_cyber_protect_17 | >= unspecified < 41186 | 41186 |
| acronis | cyber_protect | < 17.0.41186 | 17.0.41186 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Wiz
CVE-2025-30412 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 10.0
CVE-2025-30412 [CRITICAL] CVE-2025-30412 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-30412 :
Acronis Cyber Protect vulnerability analysis and mitigation
Sensitive data disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800.
Source : NVD
## 10
Score
Published February 20, 2026
Severity CRITICAL
CNA Score 10.0
Affected Technologies
Acronis Cyber Protect
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 11.2
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:acronis:cyber_protect
Sources
Windows Severity CRITICAL Has Fix Added at: Feb 20, 2026
Windows Severity CRITICA
Wiz
CVE-2026-28715 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 6.5
CVE-2026-28715 [MEDIUM] CVE-2026-28715 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-28715 :
Acronis Cyber Protect vulnerability analysis and mitigation
Sensitive information disclosure due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
Source : NVD
## 6.5
Score
Published March 6, 2026
Severity MEDIUM
CNA Score 6.5
Affected Technologies
Acronis Cyber Protect
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 11.4
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:acronis:cyber_protect
Sources
Windows Severity MEDIUM Has Fix Added at: Mar 13, 2026
Windows Severity MEDIUM Has Fix Added at: Mar 13, 2026
## Get a CVE risk assessment
Get a prio
Wiz
CVE-2026-28726 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 4.3
CVE-2026-28726 [MEDIUM] CVE-2026-28726 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-28726 :
Acronis Cyber Protect vulnerability analysis and mitigation
Sensitive information disclosure due to improper access control. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
Source : NVD
## 4.3
Score
Published March 6, 2026
Severity MEDIUM
CNA Score 4.3
Affected Technologies
Acronis Cyber Protect
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 11
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:acronis:cyber_protect
Sources
Windows Severity MEDIUM Has Fix Added at: Mar 13, 2026
Windows Severity MEDIUM Has Fix Added at: Mar 16, 2026
## Get a CVE risk assessment
Get a prioritized
Wiz
CVE-2026-28723 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 4.3
CVE-2026-28723 [MEDIUM] CVE-2026-28723 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-28723 :
Acronis Cyber Protect vulnerability analysis and mitigation
Unauthorized report deletion due to insufficient access control. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
Source : NVD
## 4.3
Score
Published March 6, 2026
Severity MEDIUM
CNA Score 4.3
Affected Technologies
Acronis Cyber Protect
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 11.6
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:acronis:cyber_protect
Sources
Windows Severity MEDIUM Has Fix Added at: Mar 13, 2026
Windows Severity MEDIUM Has Fix Added at: Mar 16, 2026
## Get a CVE risk assessment
Get a prioritize
Wiz
CVE-2026-28712 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 6.3
CVE-2026-28712 [MEDIUM] CVE-2026-28712 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-28712 :
Acronis Cyber Protect vulnerability analysis and mitigation
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
Source : NVD
## 6.3
Score
Published March 6, 2026
Severity MEDIUM
CNA Score 6.3
Affected Technologies
Acronis Cyber Protect
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 4.2
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:acronis:cyber_protect
Sources
Windows Severity MEDIUM Has Fix Added at: Mar 12, 2026
Windows Severity MEDIUM Has Fix Added at: Mar 13, 2026
## Get a CVE risk assessment
Get a prioritized view of
Wiz
CVE-2025-30416 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 10.0
CVE-2025-30416 [CRITICAL] CVE-2025-30416 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-30416 :
Acronis Cyber Protect vulnerability analysis and mitigation
Sensitive data disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800.
Source : NVD
## 10
Score
Published February 20, 2026
Severity CRITICAL
CNA Score 10.0
Affected Technologies
Acronis Cyber Protect
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 2.5
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:acronis:cyber_protect
Sources
Windows Severity CRITICAL Has Fix Added at: Feb 20, 2026
Windows Severity CRITICAL H
Wiz
CVE-2026-28725 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 4.3
CVE-2026-28725 [MEDIUM] CVE-2026-28725 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-28725 :
Acronis Cyber Protect vulnerability analysis and mitigation
Sensitive information disclosure due to improper configuration of a headless browser. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
Source : NVD
## 5.5
Score
Published March 6, 2026
Severity MEDIUM
CNA Score 5.5
Affected Technologies
Acronis Cyber Protect
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 3.6
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:acronis:cyber_protect
Sources
Windows Severity MEDIUM Has Fix Added at: Mar 13, 2026
Windows Severity MEDIUM Has Fix Added at: Mar 16, 2026
## Get a CVE risk assessmen
Wiz
CVE-2025-30413 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 4.4
CVE-2025-30413 [MEDIUM] CVE-2025-30413 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-30413 :
Acronis Cyber Protect vulnerability analysis and mitigation
Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40497, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186.
Source : NVD
## 4.4
Score
Published March 6, 2026
Severity MEDIUM
CNA Score 4.4
Affected Technologies
Acronis Cyber Protect
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 3.1
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:acronis:cyber_protect
Sources
Windows Severity MEDIUM Has Fix Added at: Mar 13, 2026
Windows Severit
Wiz
CVE-2025-30410 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 9.8
CVE-2025-30410 [CRITICAL] CVE-2025-30410 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-30410 :
Acronis Cyber Protect vulnerability analysis and mitigation
Sensitive data disclosure and manipulation due to missing authentication. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 39870, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 41800.
Source : NVD
## 9.8
Score
Published February 20, 2026
Severity CRITICAL
CNA Score 9.8
Affected Technologies
Acronis Cyber Protect
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 10.4
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:acronis:cyber_protect
Wiz
CVE-2025-11791 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.1
CVE-2025-11791 [HIGH] CVE-2025-11791 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-11791 :
Acronis Cyber Protect vulnerability analysis and mitigation
Sensitive information disclosure and manipulation due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186, Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 41124.
Source : NVD
## 7.1
Score
Published March 6, 2026
Severity HIGH
CNA Score 5.5
Affected Technologies
Acronis Cyber Protect
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 2.9
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:acronis:cyber_protect
Sources
Windows Severity HIGH Has Fix Added at: Mar 13, 202
Wiz
CVE-2026-28716 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 4.4
CVE-2026-28716 [MEDIUM] CVE-2026-28716 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-28716 :
Acronis Cyber Protect vulnerability analysis and mitigation
Information disclosure and manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
Source : NVD
## 4.4
Score
Published March 6, 2026
Severity MEDIUM
CNA Score 4.4
Affected Technologies
Acronis Cyber Protect
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 3.1
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:acronis:cyber_protect
Sources
Windows Severity MEDIUM Has Fix Added at: Mar 13, 2026
Windows Severity MEDIUM Has Fix Added at: Mar 13, 2026
## Get a CVE risk assessment
Get
Wiz
CVE-2026-28727 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 4.3
CVE-2026-28727 [MEDIUM] CVE-2026-28727 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-28727 :
Acronis Cyber Protect vulnerability analysis and mitigation
Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 (macOS) before build 41186, Acronis Cyber Protect Cloud Agent (macOS) before build 41124, Acronis True Image (macOS) before build 42902.
Source : NVD
## 7.8
Score
Published March 6, 2026
Severity HIGH
CNA Score 7.8
Affected Technologies
Acronis Cyber Protect
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 2.4
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:acronis:cyber_protect
Sources
Windows Severity HIGH Has Fix Added at: Mar 13, 2026
Window
Wiz
CVE-2026-28714 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 4.8
CVE-2026-28714 [MEDIUM] CVE-2026-28714 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-28714 :
Acronis Cyber Protect vulnerability analysis and mitigation
Unnecessary transmission of sensitive cryptographic material. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
Source : NVD
## 4.8
Score
Published March 6, 2026
Severity MEDIUM
CNA Score 4.8
Affected Technologies
Acronis Cyber Protect
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 4.5
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:acronis:cyber_protect
Sources
Windows Severity MEDIUM Has Fix Added at: Mar 13, 2026
Windows Severity MEDIUM Has Fix Added at: Mar 16, 2026
## Get a CVE risk assessment
Get a prioritized vi
Wiz
CVE-2026-28709 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 4.3
CVE-2026-28709 [MEDIUM] CVE-2026-28709 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-28709 :
Acronis Cyber Protect vulnerability analysis and mitigation
Unauthorized resource manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
Source : NVD
## 4.3
Score
Published March 6, 2026
Severity MEDIUM
CNA Score 4.3
Affected Technologies
Acronis Cyber Protect
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 10.5
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:acronis:cyber_protect
Sources
Windows Severity MEDIUM Has Fix Added at: Mar 13, 2026
Windows Severity MEDIUM Has Fix Added at: Mar 13, 2026
## Get a CVE risk assessment
Get a pr
Wiz
CVE-2026-28710 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 9.8
CVE-2026-28710 [CRITICAL] CVE-2026-28710 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-28710 :
Acronis Cyber Protect vulnerability analysis and mitigation
Sensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
Source : NVD
## 9.8
Score
Published March 6, 2026
Severity CRITICAL
CNA Score 8.1
Affected Technologies
Acronis Cyber Protect
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 27.6
Exploitation Probability (EPSS) 0.1
Affected packages and libraries
cpe:2.3:a:acronis:cyber_protect
Sources
Windows Severity CRITICAL Has Fix Added at: Mar 13, 2026
Windows Severity CRITICAL Has Fix Added at: Mar 13, 2026
## Get a CVE risk assess
Wiz
CVE-2026-28721 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.3
CVE-2026-28721 [HIGH] CVE-2026-28721 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-28721 :
Acronis Cyber Protect vulnerability analysis and mitigation
Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
Source : NVD
## 7.3
Score
Published March 6, 2026
Severity HIGH
CNA Score 7.3
Affected Technologies
Acronis Cyber Protect
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 3.8
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:acronis:cyber_protect
Sources
Windows Severity HIGH Has Fix Added at: Mar 12, 2026
Windows Severity HIGH Has Fix Added at: Mar 13, 2026
## Get a CVE risk assessment
Get a prioritized view of CVEs i
Wiz
CVE-2026-28722 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.3
CVE-2026-28722 [HIGH] CVE-2026-28722 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-28722 :
Acronis Cyber Protect vulnerability analysis and mitigation
Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
Source : NVD
## 7.3
Score
Published March 6, 2026
Severity HIGH
CNA Score 7.3
Affected Technologies
Acronis Cyber Protect
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 3.8
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:acronis:cyber_protect
Sources
Windows Severity HIGH Has Fix Added at: Mar 12, 2026
Windows Severity HIGH Has Fix Added at: Mar 13, 2026
## Get a CVE risk assessment
Get a prioritized view of CVEs i
Wiz
CVE-2026-28713 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.1
CVE-2026-28713 [HIGH] CVE-2026-28713 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-28713 :
Acronis Cyber Protect vulnerability analysis and mitigation
Default credentials set for local privileged user in Virtual Appliance. The following products are affected: Acronis Cyber Protect Cloud Agent (VMware) before build 36943, Acronis Cyber Protect 17 (VMware) before build 41186.
Source : NVD
## 7.1
Score
Published March 6, 2026
Severity HIGH
CNA Score 7.1
Affected Technologies
Acronis Cyber Protect
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 15.4
Exploitation Probability (EPSS) 0.1
Affected packages and libraries
cpe:2.3:a:acronis:cyber_protect
Sources
Windows Severity HIGH Has Fix Added at: Mar 13, 2026
Windows Severity HIGH Has Fix Added at: Mar 16
Wiz
CVE-2026-28724 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 4.3
CVE-2026-28724 [MEDIUM] CVE-2026-28724 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-28724 :
Acronis Cyber Protect vulnerability analysis and mitigation
Unauthorized data access due to insufficient access control validation. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
Source : NVD
## 4.3
Score
Published March 6, 2026
Severity MEDIUM
CNA Score 4.3
Affected Technologies
Acronis Cyber Protect
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 11
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:acronis:cyber_protect
Sources
Windows Severity MEDIUM Has Fix Added at: Mar 13, 2026
Windows Severity MEDIUM Has Fix Added at: Mar 16, 2026
## Get a CVE risk assessment
Get a prior
Wiz
CVE-2026-28718 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.5
CVE-2026-28718 [HIGH] CVE-2026-28718 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-28718 :
Acronis Cyber Protect vulnerability analysis and mitigation
Denial of service due to insufficient input validation in authentication logging. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
Source : NVD
## 7.5
Score
Published March 6, 2026
Severity HIGH
CNA Score 5.3
Affected Technologies
Acronis Cyber Protect
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 28.2
Exploitation Probability (EPSS) 0.1
Affected packages and libraries
cpe:2.3:a:acronis:cyber_protect
Sources
Windows Severity HIGH Has Fix Added at: Mar 13, 2026
Windows Severity HIGH Has Fix Added at: Mar 13, 2026
## Get a CVE risk assessment
Get a
Wiz
CVE-2026-28720 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 4.3
CVE-2026-28720 [MEDIUM] CVE-2026-28720 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-28720 :
Acronis Cyber Protect vulnerability analysis and mitigation
Unauthorized modification of settings due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
Source : NVD
## 4.3
Score
Published March 6, 2026
Severity MEDIUM
CNA Score 4.3
Affected Technologies
Acronis Cyber Protect
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 11.6
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:acronis:cyber_protect
Sources
Windows Severity MEDIUM Has Fix Added at: Mar 13, 2026
Windows Severity MEDIUM Has Fix Added at: Mar 16, 2026
## Get a CVE risk assessment
G
Wiz
CVE-2026-28717 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 5.0
CVE-2026-28717 [MEDIUM] CVE-2026-28717 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-28717 :
Acronis Cyber Protect vulnerability analysis and mitigation
Local privilege escalation due to improper directory permissions. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
Source : NVD
## 5
Score
Published March 6, 2026
Severity MEDIUM
CNA Score 5.0
Affected Technologies
Acronis Cyber Protect
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 1.6
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:acronis:cyber_protect
Sources
Windows Severity MEDIUM Has Fix Added at: Mar 12, 2026
Windows Severity MEDIUM Has Fix Added at: Mar 13, 2026
## Get a CVE risk assessment
Get a prioritized view of
Wiz
CVE-2025-30411 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 10.0
CVE-2025-30411 [CRITICAL] CVE-2025-30411 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-30411 :
Acronis Cyber Protect vulnerability analysis and mitigation
Sensitive data disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800.
Source : NVD
## 10
Score
Published February 20, 2026
Severity CRITICAL
CNA Score 10.0
Affected Technologies
Acronis Cyber Protect
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 11.2
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:acronis:cyber_protect
Sources
Windows Severity CRITICAL Has Fix Added at: Feb 20, 2026
Windows Severity CRITICA
Wiz
CVE-2026-28711 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 6.3
CVE-2026-28711 [MEDIUM] CVE-2026-28711 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-28711 :
Acronis Cyber Protect vulnerability analysis and mitigation
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
Source : NVD
## 6.3
Score
Published March 6, 2026
Severity MEDIUM
CNA Score 6.3
Affected Technologies
Acronis Cyber Protect
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 4.2
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:acronis:cyber_protect
Sources
Windows Severity MEDIUM Has Fix Added at: Mar 12, 2026
Windows Severity MEDIUM Has Fix Added at: Mar 13, 2026
## Get a CVE risk assessment
Get a prioritized view of
Wiz
CVE-2026-28719 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 4.3
CVE-2026-28719 [MEDIUM] CVE-2026-28719 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-28719 :
Acronis Cyber Protect vulnerability analysis and mitigation
Unauthorized resource manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
Source : NVD
## 4.3
Score
Published March 6, 2026
Severity MEDIUM
CNA Score 4.3
Affected Technologies
Acronis Cyber Protect
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 11.6
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:acronis:cyber_protect
Sources
Windows Severity MEDIUM Has Fix Added at: Mar 13, 2026
Windows Severity MEDIUM Has Fix Added at: Mar 16, 2026
## Get a CVE risk assessment
Get a pr
2026-03-06
Published