← back
CVE-2026-35154

CVE-2026-35154

CVSS 6.3 MEDIUMEPSS 0.1%CWE-269
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.3EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
20 Apr 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Dell PowerProtect Data Domain appliances, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper privilege management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges to access unauthorized delete operation.
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H