← back
CVE-2026-26354

CVE-2026-26354

CVSS 8.1 HIGHEPSS 0.5%CWE-121
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.1EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
22 Apr 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Dell PowerProtect Data Domain with Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.60, contain a stack-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Dell · PowerProtect Data Domain

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.dell.com/support/kbdoc/en-us/000450699/dsa-2026-060-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities