Monthly
Unauthorized access in Dell ThinOS 10 (versions prior to 2605_10.2100) stems from an obsolete UI feature (CWE-448) that a low-privileged local attacker can abuse to bypass authentication controls. With valid low-level local access to the thin-client, an attacker can leverage the leftover interface path to reach functionality or data they should not have, yielding high confidentiality, integrity, and availability impact per the CVSS 7.8 (High) rating. No public exploit identified at time of analysis; the flaw was reported by Dell and disclosed in advisory DSA-2026-300.
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Unauthorized access in Dell ThinOS 10 (versions prior to 2605_10.2100) stems from an obsolete UI feature (CWE-448) that a low-privileged local attacker can abuse to bypass authentication controls. With valid low-level local access to the thin-client, an attacker can leverage the leftover interface path to reach functionality or data they should not have, yielding high confidentiality, integrity, and availability impact per the CVSS 7.8 (High) rating. No public exploit identified at time of analysis; the flaw was reported by Dell and disclosed in advisory DSA-2026-300.
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.