What is CVE-2026-22616?

CVE-2026-22616 is a medium-severity vulnerability in Eaton Ipp Software, classified under Improper Restriction of Excessive Authentication Attempts. CVSS score: 6.5/10. Published 2026-04-16.

How severe is CVE-2026-22616?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Eaton Ipp Software

CVE-2026-22616

Eaton Intelligent Power Protector (IPP) software allows repeated authentication attempts against the web interface login page due to insufficient rate‑limiting controls. This security issue has been fixed in the latest version of Eaton IPP…

EPSS: 0.000 (4.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N.

Affected products

Eaton Ipp Software — versions 0

Weakness classification (CWE)

CWE-307 — Improper Restriction of Excessive Authentication Attempts

References

www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bu…

Frequently asked questions

What is CVE-2026-22616?: CVE-2026-22616 is a medium-severity vulnerability in Eaton Ipp Software, classified under Improper Restriction of Excessive Authentication Attempts. CVSS score: 6.5/10. Published 2026-04-16.
How severe is CVE-2026-22616?: Medium severity. CVSS v3 base score is 6.5 out of 10.