cbcvebase.
CVE-2026-26359
published 2026-02-19

CVE-2026-26359: Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External Control of File Name or Path vulnerability. A low privileged attacker with remote access…

PriorityP260high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
0.38%
29.3th percentile
Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External Control of File Name or Path vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the ability to overwrite arbitrary files.

Affected

3 ranges
VendorProductVersion rangeFixed in
dellpowermax>= N/A < 10.3.0.1 or later10.3.0.1 or later
dellunisphere_for_powermax< 10.3.0.110.3.0.1
dellunisphere_for_powermax>= N/A < 10.3.0.1 or later10.3.0.1 or later
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.