- CVEs: 83
- Critical: 1
- High: 26
- KEV: 0
- PoC: 0
- Unpatched C/H: 2
- Patch Rate: 86.7%
- Avg EPSS: 0.0%
Severity Breakdown
- CRITICAL: 1
- HIGH: 26
- MEDIUM: 49
- LOW: 4
Monthly CVE Trend
Affected Products (30)
- Powerscale Onefs: 21
- Unity Operating Environment: 19
- Linux Kernel: 15
- Smartfabric Os10: 14
- Powerprotect Data Manager: 13
- Wyse Management Suite: 13
- Data Domain Operating System: 10
- Cloudlink: 8
- Powerflex Manager: 8
- Powerflex Manager Rack: 7
- Alienware Command Center: 7
- Thinos: 7
- Powerflex Manager Appliance: 7
- Supportassist Os Recovery: 5
- Ubuntu: 5
- Objectscale: 5
- Elastic Cloud Storage: 5
- Storage Manager: 5
- Secure Connect Gateway: 4
- Networker: 4
- Unisphere For Powermax: 4
- Precision 3490 Firmware: 3
- Precision 3590 Firmware: 3
- Recoverpoint For Virtual Machines: 3
- Open Redirect: 3
- Latitude 7650 Firmware: 3
- Latitude 7350 Firmware: 3
- Latitude 5550 Firmware: 3
- Latitude 5350 Firmware: 3
- Latitude 7350 Detachable Firmware: 3
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2026-40636 | Hard-coded credentials in Dell ECS 3.8.1.0-3.8.1.7 and ObjectScale <4.3.0.0 allow unauthenticated filesystem access. Despite CVSS 9.8 (network vector), the description explicitly states that 'local access' is required, creating a critical discrepancy between the scoring and the actual attack surface. Attackers with local system access can leverage the embedded credentials to gain unauthorized filesystem access. No active exploitation (CISA KEV) or public exploit confirmed at time of analysis. Dell advisory DSA-2026-047 addresses the vulnerability. | CRITICAL | 9.8 | 0.1% | 49 | |
| CVE-2026-26944 | Missing authentication in Dell PowerProtect Data Domain 7.7.1.0-8.6 and LTS releases allows remote unauthenticated attackers to execute arbitrary commands with root privileges when combined with user interaction. Affects enterprise backup appliances across multiple release branches, including LTS2025 (8.3.1.0-8.3.1.20) and LTS2024 (7.13.1.0-7.13.1.60). CVSS 8.8 with network vector, but requires user interaction (UI:R), reducing the immediate automation risk. No EPSS or KEV data available at time of analysis, indicating the vulnerability is newly disclosed. Dell security advisory DSA-2026-060 confirms patch availability. | HIGH | 8.8 | 0.1% | 44 | |
| CVE-2026-24502 | Command \| Intel Vpro Out Of Band versions up to 4.7.0 are affected by an uncontrolled search path element (CVSS 8.8). | HIGH | 8.8 | 0.0% | 44 | No patch |
| CVE-2026-23853 | Local attackers can gain full system access to Dell PowerProtect Data Domain storage systems without authentication due to weak default credentials in DD OS versions 7.7.1.0-8.5, 8.3.1.0-8.3.1.20, and 7.13.1.0-7.13.1.50. The vulnerability allows complete system compromise (CVSS 8.4) with high confidentiality, integrity, and availability impact despite requiring local access. No active exploitation confirmed (EPSS 0.01%, not in CISA KEV), and Dell has released patches across all affected release branches. The SSVC framework rates this as total technical impact but non-automatable and not currently exploited. | HIGH | 8.4 | 0.0% | 42 | |
| CVE-2026-35071 | OS command injection in Dell PowerScale InsightIQ 6.0.0 through 6.2.0 allows high-privileged local administrators to execute arbitrary system commands with elevated privileges, achieving container escape (scope change) on the storage cluster management platform. Dell published security advisory DSA-2026-208 addressing this vulnerability. EPSS data not available; the absence of a CISA KEV listing indicates targeted rather than widespread exploitation at time of analysis. | HIGH | 8.2 | 0.0% | 41 | |
| CVE-2026-26354 | Stack-based buffer overflow in Dell PowerProtect Data Domain DD OS allows remote unauthenticated attackers to execute arbitrary commands on vulnerable appliances. Affects Feature Release versions 7.7.1.0-8.6, LTS2025 (8.3.1.0-8.3.1.10), and LTS2024 (7.13.1.0-7.13.1.60). Despite the network-accessible attack vector (AV:N/PR:N), high attack complexity (AC:H) indicates specialized exploit conditions. The CISA SSVC framework rates exploitation as 'none' and automatable as 'no', suggesting manual, targeted exploitation rather than mass scanning. No active exploitation confirmed at time of analysis. Dell has released patches across all affected release tracks (DSA-2026-060). | HIGH | 8.1 | 0.0% | 41 | |
| CVE-2026-32658 | Missing authorization in Dell Automation Platform before 2.0.0.0 allows authenticated remote attackers to elevate privileges to high-integrity access. The vulnerability requires low-level authentication and user interaction but enables complete compromise of confidentiality, integrity, and availability. CVSS 8.0 (High) reflects the significant impact despite the authentication prerequisite. No active exploitation (CISA KEV) or public exploit code identified at time of analysis; Dell has released patches per DSA-2026-193. | HIGH | 8.0 | 0.0% | 40 | |
| CVE-2026-23862 | Dell ThinOS 10 versions before 2602_10.0573 contain a command injection flaw that allows local attackers with low privileges to execute arbitrary commands and escalate their access rights. The vulnerability stems from improper sanitization of special elements in user-supplied input and requires only local access and no user interaction to exploit. No patch is currently available. | HIGH | 7.8 | 0.1% | 39 | |
| CVE-2026-31508 | Use-after-free in the Linux kernel Open vSwitch module causes a system crash when deleting network interfaces on PREEMPT_RT kernels. The vulnerability is confirmed patched in multiple stable kernel versions (5.10.253, 5.15.203, 6.1.168, 6.6.131, 6.12.80, 6.18.21, 6.19.11, 7.0), with upstream fixes available via kernel.org commits. EPSS score of 0.02% (7th percentile) indicates very low exploitation likelihood. No active exploitation confirmed (not in CISA KEV). Local authenticated access required (CVSS AV:L/PR:L) with high impact (CVSS 7.8), but exploitation depends on the PREEMPT_RT kernel configuration and specific Open vSwitch teardown race conditions. | HIGH | 7.8 | 0.0% | 39 | |
| CVE-2026-28261 | Local privilege escalation in Dell Elastic Cloud Storage (≤3.8.1.7) and ObjectScale (<4.1.0.3, =4.2.0.0) allows authenticated users with low privileges to extract credentials from log files and escalate to the privileges of the compromised account. CVSS 7.8 (High). No public exploit identified at time of analysis. EPSS data not available, but the local access requirement and low attack complexity suggest moderate exploitation likelihood in multi-tenant or shared administrative environments. | HIGH | 7.8 | 0.0% | 39 | |
| CVE-2025-36568 | Insufficiently protected credential storage in the Dell PowerProtect Data Domain BoostFS client allows local attackers with low privileges to extract stored credentials via local file access under specific race conditions (AC:H). Scope change (S:C) indicates that compromised credentials grant access beyond the BoostFS client component itself, potentially to connected Data Domain systems. Dell has released patches for all affected branches (Feature Release 7.7.1.0-8.5, LTS2025 8.3.1.0-8.3.1.20, LTS2024 7.13.1.0-7.13.1.50). EPSS score of 0.01% suggests minimal observed exploitation interest; no CISA KEV listing and no public POC identified at time of analysis. | HIGH | 7.8 | 0.0% | 39 | |
| CVE-2026-42997 | Credential forwarding vulnerability in OpenStack Ironic's idrac driver allows authenticated attackers to steal time-limited Keystone tokens or molds storage credentials by manipulating import operations. Attackers with low-privileged Ironic access can redirect these credentials to attacker-controlled endpoints, gaining unauthorized access to all OpenStack services that Ironic is authorized for. Fixed in versions 26.1.6, 29.0.5, 32.0.1, and 35.0.1. CVSS 7.7 with scope change (S:C) reflects the privilege escalation from Ironic-only access to full OpenStack service access. | HIGH | 7.7 | 0.0% | 39 | |
| CVE-2026-23775 | Dell PowerProtect Data Domain appliances log sensitive credentials when retention lock is enabled, allowing low-privileged remote attackers to harvest authentication data from log files. Affects DD OS 8.0-8.5 and LTS2025 8.3.1.0-8.3.1.10. Exploitation requires existing low-privileged access plus user interaction from a high-privileged administrator to authorize subsequent authentication attempts. EPSS score of 0.01% and the SSVC assessment (non-automatable, partial impact) indicate a low probability of widespread exploitation. Vendor patch available per Dell DSA-2026-060. | HIGH | 7.6 | 0.0% | 38 | |
| CVE-2026-33554 | FreeIPMI versions before 1.16.17 contain exploitable buffer overflow vulnerabilities in the ipmi-oem command's response message handling for three vendor-specific subcommands: Dell's get-last-post-code, Supermicro's extra-firmware-info, and Wistron's read-proprietary-string. An attacker who can intercept or control IPMI server responses could trigger these buffer overflows to achieve arbitrary code execution on systems running vulnerable versions of FreeIPMI. No CVSS score, EPSS data, or public exploitation confirmation is currently available, but the vulnerabilities are documented in Savannah bug reports with clear technical details. | HIGH | 7.5 | 0.0% | 38 | |
| CVE-2025-32750 | Information disclosure in Dell PowerFlex Manager (Appliance, Rack, and core Manager) versions 4.6.2 and earlier allows unauthenticated remote attackers to enumerate server contents through exposed directory listings. The flaw carries a CVSS 7.5 (High) rating driven entirely by confidentiality impact and requires no privileges or user interaction, though no public exploit was identified at time of analysis and the issue is not on CISA KEV. | HIGH | 7.5 | 0.1% | 38 | |