CVE-2026-22281Time-of-check Time-of-use (TOCTOU) Race Condition in Dell Powerscale Onefs

CWE-367Time-of-check Time-of-use (TOCTOU) Race Condition3 documents3 sources
Severity
4.8MEDIUMNVD
CNA3.5
EPSS
0.0%
top 99.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Dell Powerscale Onefs
Timeline
PublishedJan 22

Description

Dell PowerScale OneFS, versions 9.5.0.0 through 9.5.1.5, versions 9.6.0.0 through 9.7.1.10, versions 9.8.0.0 through 9.10.1.3, versions starting from 9.11.0.0 and prior to 9.13.0.0, contains a Time-of-check Time-of-use (TOCTOU) race condition vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to denial of service.

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.2 | Impact: 3.6

Affected Packages2 packages

CVEListV5dell/powerscale_onefsN/A9.13.0.0+3
NVDdell/powerscale_onefs9.5.0.09.5.1.6+3

🔴Vulnerability Details

2
GHSA
GHSA-wf4j-qrxg-6hf2: Dell PowerScale OneFS, versions 92026-01-22
CVEList
CVE-2026-22281: Dell PowerScale OneFS, versions 92026-01-22
CVE-2026-22281 — Dell Powerscale Onefs vulnerability | cvebase