CVE-2026-54483
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1
CVSS
6.7
Medium
EPSS
0.5%
p36
KEV
—
Exploit Today
11
0-100
Published: Jul 3, 2026 · Last modified: Jul 8, 2026 · CWE-78
0.5%EPSS · 30 days0.5%
2026-07-042026-07-18
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special elements used in an OS command ('OS command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2026-341978.8 HIG99.9%
KEV—80Apache ActiveMQ Improper Input Validation Vulnerability4dCVE-2024-121210.0 CRI99.9%
KEV—80Progress Kemp LoadMaster OS Command Injection Vulnerability5dCVE-2026-398089.8 CRI99.7%
KEV—80Fortinet FortiSandbox OS Command Injection Vulnerability2dCVE-2022-262589.8 CRI99.6%
KEV—80D-Link DIR-820L Remote Code Execution Vulnerability9dCVE-2026-422718.8 HIG99.6%
KEV—80BerriAI LiteLLM Command Injection Vulnerability4dCVE-2021-252988.8 HIG99.5%
KEV—80Nagios XI OS Command Injection9d