Dell PowerProtect Data Domain DD OS 7.7.1.0-8.6 Stack Buffer Overflow Exec
CVE-2026-26354 Published on April 22, 2026

Dell PowerProtect Data Domain with Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.60, contain a stack-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution.

Vendor Advisory NVD

Vulnerability Analysis

CVE-2026-26354 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:

NETWORK

Attack Complexity:

HIGH

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Weakness Type

What is a Stack Overflow Vulnerability?

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

CVE-2026-26354 has been classified to as a Stack Overflow vulnerability or weakness.

Affected Versions

Dell PowerProtect Data Domain:

Before 8.6.1.10, 8.7.0.0 or later is affected.
Before 8.3.1.20 or later is affected.
Before 7.13.1.60 or later is affected.
Before 2.7.9 with DD OS 8.3.1.30 is affected.

Dell PowerProtect Data Domain DD OS 7.7.1.0-8.6 Stack Buffer Overflow ExecCVE-2026-26354 Published on April 22, 2026

Vulnerability Analysis

Weakness Type

What is a Stack Overflow Vulnerability?

Affected Versions

Dell PowerProtect Data Domain DD OS 7.7.1.0-8.6 Stack Buffer Overflow Exec
CVE-2026-26354 Published on April 22, 2026