Dell
Known Exploited Dell Vulnerabilities
The following Dell vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.
| Title | Description | Added |
|---|---|---|
| Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability | Dell RecoverPoint for Virtual Machines (RP4VMs) contains a use of hard-coded credentials vulnerability that could allow an unauthenticated remote attacker to gain unauthorized access to the underlying operating system and root-level persistence.<br>CVE-2026-22769. Exploit Probability: 21.3% | February 18, 2026 |
| Dell dbutil Driver Insufficient Access Control Vulnerability | Dell dbutil driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial-of-service, or information disclosure.<br>CVE-2021-21551. Exploit Probability: 66.9% | March 31, 2022 |
2 known exploited Dell vulnerabilities are in the top 5% (95th percentile or greater) of the EPSS exploit probability rankings.
By the Year
In 2026 there have been 106 vulnerabilities in Dell with an average score of 6.4 out of ten. Last year, in 2025, Dell had 204 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that the number of security vulnerabilities in Dell in 2026 could surpass last year's number. Last year, the average CVE base score was greater by 0.39.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 106 | 6.38 |
| 2025 | 204 | 6.77 |
| 2024 | 218 | 7.08 |
| 2023 | 168 | 6.97 |
| 2022 | 125 | 7.21 |
| 2021 | 139 | 6.94 |
| 2020 | 35 | 7.45 |
| 2019 | 54 | 7.32 |
| 2018 | 57 | 7.21 |
It may take a day or so for new Dell vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent Dell Security Vulnerabilities
| CVE | Date | Vulnerability | Products |
|---|---|---|---|
| CVE-2026-35154 | Apr 20, 2026 | Dell PowerProtect DD: IDRAC Privilege Escalation (7.7.1.0-8.7.0.0)<br>Dell PowerProtect Data Domain appliances, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper privilege management vulnerability in IDRAC. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges to access unauthorized delete operation in IDRAC. | |
| CVE-2026-26951 | Apr 20, 2026 | PowerProtect Data Domain Stack Overflow (v7.7.1.0-8.6) LPE<br>Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain a stack-based buffer overflow vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges. | |
| CVE-2026-22761 | Apr 20, 2026 | Command Injection in Dell PowerProtect Data Domain 8.5-8.6 (Remote).<br>Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain a command injection vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges. | |
| CVE-2026-26942 | Apr 20, 2026 | Dell PowerProtect Data Domain OS Command Injection 8.5-8.6<br>Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges. | |
| CVE-2026-26943 | Apr 20, 2026 | OS Command Injection in Dell PowerProtect Data Domain 7.7.1.0-8.6<br>Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an OS command injection vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges. | |
| CVE-2026-24506 | Apr 20, 2026 | Dell PowerProtect Data Domain OS Command Injection 7.7.1-8.6<br>Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an OS command injection vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution as root. | |
| CVE-2026-24505 | Apr 20, 2026 | Dell PowerProtect Data Domain 8.5-8.6 Improper Input Validation RCE<br>Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain an improper input validation vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges. | |
| CVE-2026-24504 | Apr 20, 2026 | Input Validation Flaw in Dell PowerProtect Data Domain (v7.7-8.6) Enables RCE<br>Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper input validation vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges. | |
| CVE-2026-23774 | Apr 20, 2026 | Dell PowerProtect Data Domain OS cmd-injection remote exec 7.7.1.0-8.5<br>Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, contain an OS command injection vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution. | |
| CVE-2026-26944 | Apr 20, 2026 | Dell PowerProtect Data Domain 7.7.1.0-8.6 missing auth critical func: root exec<br>Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain a missing authentication for critical function vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges. Exploitation requires an authenticated user to perform a specific action. | |
| CVE-2026-23777 | Apr 17, 2026 | Dell PowerProtect DD OS Info Exposure Vulnerability (7.7.1-8.5)<br>Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain an exposure of sensitive information to an unauthorized actor vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to information exposure. | |
| CVE-2026-28263 | Apr 17, 2026 | XSS in Dell PowerProtect Data Domain OS v7.7-8.5, 8.3.1-20, 7.13.1-50<br>Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a cross-site scripting vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to script injection. | |
| CVE-2025-46606 | Apr 17, 2026 | Excess Auth Attempts in Dell PowerProtect DD OS 8.4-8.5<br>Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain an improper restriction of excessive authentication attempts vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access. | |
| CVE-2025-46605 | Apr 17, 2026 | Dell PowerProtect DD OS 8.4-8.5 Session Fixation Vulnerability<br>Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain a session fixation vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access. | |
| CVE-2025-46641 | Apr 17, 2026 | Dell PowerProtect Data Domain DD OS 8.4-8.5 Improper Auth<br>Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain an improper authentication vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access. | |
| CVE-2025-46607 | Apr 17, 2026 | Dell PowerProtect Data Domain DD OS 8.4-8.5 Improper Auth Vulnerability<br>Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain an improper authentication vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access. | |
| CVE-2026-35073 | Apr 17, 2026 | Dell PowerProtect OS Command Injection v7.7.1.0-8.7.0.0 (LTS2025 8.3.1.0-20, LTS2024 7.13.1.0-60)<br>Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper neutralization of special elements used in an OS command injection vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges. | |
| CVE-2026-35074 | Apr 17, 2026 | Dell PowerProtect Data Domain OS Command Injection (7.7.1.0-8.7.0.0)<br>Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper neutralization of special elements used in an OS Command Injection vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges. | |
| CVE-2026-35072 | Apr 17, 2026 | OS Command Injection in Dell PowerProtect Data Domain 7.7.1.0-8.7.0.0<br>Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper neutralization of special elements used in an OS command ('OS command injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges. | |
| CVE-2026-35153 | Apr 17, 2026 | Dell PowerProtect Data Domain: Arg Injection (cmd exec) pre-8.7.0.0, 8.3.1.0-20, 7.13.1.0-60<br>Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper neutralization of argument delimiters in a command ('argument injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges. | |
| CVE-2026-23779 | Apr 17, 2026 | Dell PowerProtect DD OS 7.7-8.5/8.3.1.0-8.3.1.20 cmd injection root<br>Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a command injection vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to gain root-level access. | |
| CVE-2026-23776 | Apr 17, 2026 | Dell PowerProtect DD OS CVE-2026-23776 Improper Cert Validation v7.7.1.0-8.5<br>Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60, contain(s) an Improper Certificate Validation vulnerability in certificate-based login. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges. | |
| CVE-2026-23778 | Apr 17, 2026 | Dell PowerProtect DD OS 7.7.1.0-8.5: Command Injection Root Access<br>Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a command injection vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability to gain root-level access. | |
| CVE-2026-23775 | Apr 17, 2026 | Dell PowerProtect Data Domain DD OS 8.0-8.5 Log Sensitive Info Injection<br>Dell PowerProtect Data Domain appliances with Data Domain Operating System (DD OS) of Feature Release versions 8.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.10 contain an insertion of sensitive information into log file vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to credential exposures. Authentication attempts as the compromised user would need to be authorized by a high privileged DD user. This vulnerability only affects systems with retention lock enabled. | |
| CVE-2025-36568 | Apr 17, 2026 | Dell PowerProtect BoostFS Client 7.7.1.0-8.5 Credential Exposure Vulnerability<br>Dell PowerProtect Data Domain BoostFS for client of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain an insufficiently protected credentials vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to credential exposure. The attacker may be able to use the exposed credentials to access the system with privileges of the compromised account. | |
| CVE-2026-23853 | Apr 17, 2026 | Dell PowerProtect Data Domain OS Weak Credentials Pre-8.5 Vulnerable<br>Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a use of weak credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to unauthorized access to the system. | |
| CVE-2025-43937 | Apr 16, 2026 | Dell PowerScale OneFS <=9.12 Sensitive Log Info Leakage<br>Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an insertion of sensitive information into log file vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. | |
| CVE-2025-43935 | Apr 16, 2026 | Dell PowerScale OneFS <9.12.0.0 Improper Resource Release Causes DoS<br>Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an improper resource shutdown or release vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to denial of service. | |
| CVE-2025-43883 | Apr 16, 2026 | Dell PowerScale OneFS <9.12.0.0: Local Privileged DoS via Improper Check<br>Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an improper check for unusual or exceptional conditions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to denial of service. | |
| CVE-2025-36579 | Apr 16, 2026 | Dell BIOS Weak Password Recovery Vulnerability<br>Dell Client Platform BIOS contains a Weak Password Recovery Mechanism vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability, leading to unauthorized access. | |
| CVE-2026-23772 | Apr 16, 2026 | Dell Storage Manager 8.0 Improper Privilege Management via Replay Manager<br>Dell Storage Manager - Replay Manager for Microsoft Servers, version(s) 8.0, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | |
| CVE-2026-28261 | Apr 08, 2026 | Dell ECS/ObjScale: Sensitive Log Data (Pre-3.8.1.7/4.1.0.3) CVE-2026-28261<br>Dell Elastic Cloud Storage, version 3.8.1.7 and prior, and Dell ObjectScale, versions prior to 4.1.0.3 and version 4.2.0.0, contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to secret exposure. The attacker may be able to use the exposed secret to access the vulnerable system with privileges of the compromised account. | |
| CVE-2026-24511 | Apr 08, 2026 | Dell PowerScale OneFS 9.5-9.13 Sensitive Error Leak<br>Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.6 and versions 9.11.0.0 through 9.13.0.0, contains a generation of error message containing sensitive information vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to information disclosure. | |
| CVE-2026-27102 | Apr 08, 2026 | Dell PowerScale OneFS 9.5-9.13 Privilege Escalation via Incorrect Role Assignment<br>Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.6 and versions 9.11.0.0 through 9.13.0.1, contains an incorrect privilege assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges. | |
| CVE-2026-28264 | Apr 08, 2026 | Dell PowerProtect Agent Service <20.1 Invalid Permission Assignment<br>Dell PowerProtect Agent Service, version(s) prior to 20.1, contain(s) an Incorrect Permission Assignment for Critical Resource vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. | |
| CVE-2026-22768 | Apr 01, 2026 | Dell AppSync 4.6.0: Privilege Escalation via Incorrect Permission<br>Dell AppSync, version(s) 4.6.0, contain(s) an Incorrect Permission Assignment for Critical Resource vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | |
| CVE-2026-22767 | Apr 01, 2026 | Dell AppSync 4.6.0 Symlink Following CVE-2026-22767<br>Dell AppSync, version(s) 4.6.0, contain(s) an UNIX Symbolic Link (Symlink) Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering. | |
| CVE-2026-28265 | Apr 01, 2026 | PowerStore Path Traversal via Service User Enables Local File Modification<br>PowerStore, contains a Path Traversal vulnerability in the Service user. A low privileged attacker with local access could potentially exploit this vulnerability, leading to modification of arbitrary system files. | |
| CVE-2026-27101 | Apr 01, 2026 | Dell SCG 5.0 Path Traversal before 5.32.00.xx<br>Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application version(s) 5.28.00.xx to 5.32.00.xx, contain(s) an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A high privileged attacker within the management network could potentially exploit this vulnerability, leading to remote execution. | |
| CVE-2026-26948 | Mar 18, 2026 | Dell iDRAC <7.10.90 Debug Information Sensitive Info Exposure<br>Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.174, 15G and 16G versions prior to 7.10.90.00, contain an Exposure of Sensitive System Information Due to Uncleared Debug Information vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to information disclosure. | |
| CVE-2026-26945 | Mar 18, 2026 | Process Control flaw in Dell iDRAC 9/10 pre-7.00.00.181/7.20.10.50 code exec<br>Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.181, 15G and 16G versions prior to 7.20.10.50 and Dell Integrated Dell Remote Access Controller 10, 17G versions prior to 1.20.25.00, contain a Process Control vulnerability. A high privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to code execution. | |
| CVE-2026-23862 | Mar 16, 2026 | Dell ThinOS 10 <2602_10.0573: Cmd Injection -> Priv Esc<br>Dell ThinOS 10 versions prior to ThinOS 2602_10.0573, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges. | |
| CVE-2026-24510 | Mar 11, 2026 | Dell AWCC <6.12.24.0 Improper Privilege Mgmt -> LPE<br>Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges. | |
| CVE-2026-24508 | Mar 11, 2026 | Alienware Command Center 6.12.24.0 Improper Cert Validation<br>Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Certificate Validation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. | |
| CVE-2026-24509 | Mar 11, 2026 | Dell AWCC <6.12.24.0: Improper Access Control (Low Priv)<br>Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service. | |
| CVE-2026-26034 | Mar 05, 2026 | Incorrect Default Permissions in UPS MUMC 01.06.0001 (A03) SYSTEM Exec via DLL<br>UPS Multi-UPS Management Console (MUMC) version 01.06.0001 (A03) contains an Incorrect Default Permissions (CWE-276) vulnerability that allows an attacker to execute arbitrary code with SYSTEM privileges by causing the application to load a specially crafted DLL. | |
| CVE-2026-26033 | Mar 05, 2026 | MUMC v01.06.0001 Unquoted Search Path SYSTEM code exec<br>UPS Multi-UPS Management Console (MUMC) version 01.06.0001 (A03) contains an Unquoted Search Path or Element (CWE-428) vulnerability, which allows a user with write access to a directory on the system drive to execute arbitrary code with SYSTEM privileges. | |
| CVE-2026-26949 | Mar 04, 2026 | DDMA <26.02 Incorrect Auth Bypass Priv Esc (Dell)<br>Dell Device Management Agent (DDMA), versions prior to 26.02, contain an Incorrect Authorization vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges. | |
| CVE-2026-22760 | Mar 04, 2026 | Dell DDMA <26.02: Improper Check for Unusual Conditions DoS<br>Dell Device Management Agent (DDMA), versions prior to 26.02, contain an Improper Check for Unusual or Exceptional Conditions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of Service. | |
| CVE-2026-22285 | Mar 04, 2026 | Dell DDMA <=26.02 Plaintext Password Storage Exploit<br>Dell Device Management Agent (DDMA), versions prior to 26.02, contain a Plaintext Storage of Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized Access. | |