彙總 Dell 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
歷史漏洞主要涉及 路徑處理缺陷與輸入驗證問題 等問題,部分漏洞可能導致 檔案覆寫,並影響 軟體部署與生產負載 相關場景。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2026-41121 | Dell Device Management Agent, versions prior to DDMA 26.05, contain an Improper Link Resolution Before File Access ('Link Following’) vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges. | [email protected] | 7.3 | 0.12% | 2026-07-01 | 2026-07-06 |
| CVE-2026-49506 | Dell Wyse Management Suite, versions prior to WMS 5.5 HF1, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote Code Execution. | [email protected] | 7.2 | 0.55% | 2026-06-25 | 2026-06-26 |
| CVE-2026-46734 | Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain an Improper Certificate Validation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Protection mechanism bypass. | [email protected] | 7.3 | 0.07% | 2026-06-25 | 2026-06-29 |
| CVE-2026-46733 | Dell Display and Peripheral Manager (DDPM Windows), versions prior to 2.3, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. | [email protected] | 7.8 | 0.10% | 2026-06-25 | 2026-06-29 |
| CVE-2026-46732 | Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain a Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges. | [email protected] | 6.7 | 0.07% | 2026-06-25 | 2026-06-29 |
| CVE-2026-41120 | Dell Wyse Management Suite, versions prior to WMS 5.5 HF1, contain an Acceptance of Extraneous Untrusted Data With Trusted Data vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote Code Execution. | [email protected] | 9.8 | 0.26% | 2026-06-25 | 2026-06-26 |
| CVE-2026-44274 | Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain an Improper Link Resolution Before File Access vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access. | [email protected] | 7.8 | 0.13% | 2026-06-22 | 2026-06-26 |
| CVE-2026-44273 | Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain a Use of Default Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information Disclosure. | [email protected] | 6.0 | 0.10% | 2026-06-22 | 2026-06-26 |
| CVE-2026-44272 | Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access. | [email protected] | 8.8 | 0.24% | 2026-06-22 | 2026-06-26 |
| CVE-2026-44271 | Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access. | [email protected] | 8.1 | 0.24% | 2026-06-22 | 2026-06-26 |
| CVE-2026-46461 | Dell Server Hardware Manager, versions prior to 3.2.2, contains an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | [email protected] | 7.8 | 0.10% | 2026-06-19 | 2026-06-26 |
| CVE-2026-35069 | Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Script injection. | [email protected] | 5.7 | 0.19% | 2026-06-17 | 2026-06-25 |
| CVE-2026-35068 | Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to information disclosure. | [email protected] | 3.5 | 0.17% | 2026-06-17 | 2026-06-25 |
| CVE-2026-32652 | Dell AIOps Collector versions prior to 1.18.3 contain a "Use of Default Credentials" vulnerability. A low privileged attacker with console access could potentially exploit this vulnerability to gain Filesystem access. This vulnerability only affects fresh installations of Collector versions earlier than 1.18.3. Systems that have been upgraded (either manually or automatically) to version 1.18.3 or later are not impacted, even if they were originally installed on an earlier version. | [email protected] | 7.8 | 0.10% | 2026-06-17 | 2026-06-23 |
| CVE-2026-49502 | Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure, Information tampering, and Unauthorized access. | [email protected] | 7.4 | 0.19% | 2026-06-17 | 2026-06-25 |
| CVE-2026-40641 | Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure and Information tampering. | [email protected] | 4.8 | 0.10% | 2026-06-17 | 2026-06-25 |
| CVE-2026-35162 | Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Access Control vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to denial of service. | [email protected] | 4.3 | 0.19% | 2026-06-17 | 2026-06-25 |
| CVE-2026-35067 | Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Access Control vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Elevation of privileges and Unauthorized access. | [email protected] | 5.7 | 0.15% | 2026-06-17 | 2026-06-25 |
| CVE-2026-35066 | Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Access Control vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to denial of service. | [email protected] | 7.1 | 0.18% | 2026-06-17 | 2026-06-25 |
| CVE-2026-35065 | Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Code execution, Denial of service, Information disclosure, Information tampering, Remote execution, Script injection, and Unauthorized access. | [email protected] | 8.8 | 0.33% | 2026-06-17 | 2026-06-25 |