Dell InvColl Client <13.8.0 LFR -> Arbitrary File Write: CVE-2026-41116 June 2026

Dell InvColl Client <13.8.0 LFR -> Arbitrary File Write
CVE-2026-41116 Published on June 9, 2026

Dell Inventory Collector Client, versions prior to 13.8.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Arbitrary File Write.

Vulnerability Analysis

CVE-2026-41116 is exploitable with local system access, and requires small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity and availability.

Attack Vector:

LOCAL

Attack Complexity:

HIGH

Privileges Required:

LOW

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

NONE

Integrity Impact:

HIGH

Availability Impact:

HIGH

Weakness Type

CWE-1386

Affected Versions

Before 13.8.0 is affected.

Dell InvColl Client <13.8.0 LFR -> Arbitrary File WriteCVE-2026-41116 Published on June 9, 2026

Vulnerability Analysis

Weakness Type

Affected Versions

Dell InvColl Client <13.8.0 LFR -> Arbitrary File Write
CVE-2026-41116 Published on June 9, 2026