PowerProtect Data Domain Stack Overflow (v7.7.1.08.6) LPE
CVE-2026-26951 Published on April 20, 2026

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain a stack-based buffer overflow vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges.

Vendor Advisory NVD

Vulnerability Analysis

CVE-2026-26951 can be exploited with local system access, and requires user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:

LOCAL

Attack Complexity:

LOW

Privileges Required:

HIGH

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Weakness Type

What is a Stack Overflow Vulnerability?

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

CVE-2026-26951 has been classified to as a Stack Overflow vulnerability or weakness.

Affected Versions

Dell PowerProtect Data Domain:

Before 8.6.1.10, 8.7.0.0 or later is affected.
Before 8.3.1.30 or later is affected.
Before 7.13.1.70 or later is affected.
Before 2.7.9 with DD OS 8.3.1.30 is affected.

PowerProtect Data Domain Stack Overflow (v7.7.1.08.6) LPECVE-2026-26951 Published on April 20, 2026

Vulnerability Analysis

Weakness Type

What is a Stack Overflow Vulnerability?

Affected Versions

PowerProtect Data Domain Stack Overflow (v7.7.1.08.6) LPE
CVE-2026-26951 Published on April 20, 2026