cbcvebase.
CVE-2025-26476
published 2025-08-04

CVE-2025-26476: Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded Cryptographic Key vulnerability. An unauthenticated attacker with…

PriorityP426medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
EPSS
0.11%
1.6th percentile
Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded Cryptographic Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.

Affected

4 ranges
VendorProductVersion rangeFixed in
dellecs>= N/A < 3.8.1.53.8.1.5
dellelastic_cloud_storage< 3.8.1.53.8.1.5
dellobjectscale
dellobjectscale>= 4.0.0.0 < 4.0.0.0 or later4.0.0.0 or later
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.