What is the CVSS score of EUVD-2026-25050?

EUVD-2026-25050 has a CVSS 3.1 base score of 8.1 (High). CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of PowerProtect Data Domain are affected by EUVD-2026-25050?

Dell PowerProtect Data Domain DD OS versions 7.7.1.0 through 8.6 contain a remote code execution vulnerability that could allow attackers to execute arbitrary commands on backup appliances without…. A patch is available.

PowerProtect Data Domain EUVD-2026-25050

| CVE-2026-26354 HIGH

Stack-based Buffer Overflow (CWE-121)

2026-04-22 dell

GHSA-h5cf-xw55-j4wj

Buffer Overflow Stack Overflow Dell

8.1

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Re-analysis Queued

Apr 27, 2026 - 17:22 vuln.today

cvss_changed

Patch released

Apr 27, 2026 - 17:09 nvd

Patch available

Analysis Generated

Apr 23, 2026 - 06:55 vuln.today

Patch available

Apr 22, 2026 - 20:32 EUVD

EUVD ID Assigned

Apr 22, 2026 - 18:31 euvd

EUVD-2026-25050

Analysis Generated

Apr 22, 2026 - 18:31 vuln.today

CVE Published

Apr 22, 2026 - 18:11 nvd

HIGH 8.1

DescriptionNVD

Dell PowerProtect Data Domain with Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.60, contain a stack-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution.

AnalysisAI

Stack-based buffer overflow in Dell PowerProtect Data Domain DD OS allows remote unauthenticated attackers to execute arbitrary commands on vulnerable appliances. Affects Feature Release versions 7.7.1.0-8.6, LTS2025 (8.3.1.0-8.3.1.10), and LTS2024 (7.13.1.0-7.13.1.60). …

RemediationAI

Within 24 hours: Identify all PowerProtect Data Domain appliances running affected versions (7.7.1.0-8.6, LTS2025 8.3.1.0-8.3.1.10, LTS2024 7.13.1.0-7.13.1.60) and isolate from external network access. Within 7 days: Apply vendor patches per Dell DSA-2026-060 to all affected appliances, prioritizing systems with the highest data criticality. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

More from same product – last 7 days

CVE-2025-26483 MEDIUM This Month

6.1 May 22

Open redirect vulnerability in Dell PowerFlex Manager 4.6.2 and prior enables unauthenticated remote attackers to craft

CVE-2025-32751 MEDIUM This Month

5.5 May 22

Dell PowerFlex Manager versions 4.6.2 and earlier improperly store sensitive information in a manner accessible to low-p

CVE-2025-32747 MEDIUM This Month

5.3 May 22

Incorrect Privilege Assignment in Dell PowerFlex Manager version 4.6.2 and earlier (both Appliance and Rack form factors

CVE-2025-32749 MEDIUM This Month

5.3 May 22

Directory listing exposure in Dell PowerFlex Manager versions 4.6.2 and earlier allows an attacker to enumerate director

CVE-2025-32745 MEDIUM This Month

4.2 May 22

Improper certificate validation in Dell PowerFlex Manager version 4.6.2 and earlier allows an unauthenticated attacker o

EUVD-2026-25050 vulnerability details – vuln.today

Back

PowerProtect Data Domain EUVD-2026-25050

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

More from same product – last 7 days

Share

External POC / Exploit Code