Acronis Cyber Protect Exposes Sensitive Data on Windows and Linux

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

4.3

Acronis Cyber Protect Exposes Sensitive Data on Windows and Linux

CVE-2026-28726

Summary

Acronis Cyber Protect versions 17 on Windows and Linux may leak sensitive information if not updated to build 41186 or later. This means unauthorized users could access confidential data, such as passwords or encryption keys. To fix this, update to the latest version of Acronis Cyber Protect.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
acronis	cyber_protect	<= 17.0.41186	–

Original title

Sensitive information disclosure due to improper access control. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.

Original description

Sensitive information disclosure due to improper access control. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.

nvd CVSS3.0 4.3

Vulnerability type

CWE-863 Incorrect Authorization

https://security-advisory.acronis.com/advisories/SEC-8401

Published: 6 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026