CVE-2026-49813
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1
CVSS
6.7
Medio
EPSS
0.5%
p37
KEV
—
Exploit Today
11
0-100
Publicado: 3 jul 2026 · Última mod.: 8 jul 2026 · CWE-78
0.5%EPSS · 30 días0.5%
2026-07-042026-07-17
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special elements used in an OS command ('OS command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution.
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2026-341978.8 ALT99.9%
KEV—80Apache ActiveMQ Improper Input Validation Vulnerability4dCVE-2024-121210.0 CRÍ99.9%
KEV—80Progress Kemp LoadMaster OS Command Injection Vulnerability5dCVE-2026-398089.8 CRÍ99.7%
KEV—80Fortinet FortiSandbox OS Command Injection Vulnerability1dCVE-2022-262589.8 CRÍ99.6%
KEV—80D-Link DIR-820L Remote Code Execution Vulnerability9dCVE-2026-422718.8 ALT99.6%
KEV—80BerriAI LiteLLM Command Injection Vulnerability4dCVE-2021-252988.8 ALT99.5%
KEV—80Nagios XI OS Command Injection9d