cbcvebase.
CVE-2026-35070
published 2026-05-20

CVE-2026-35070: Dell SmartFabric Storage Software, versions prior to 1.4.5, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection')…

PriorityP336medium6.7CVSS 3.1
AVLACLPRHUINSUCHIHAH
EPSS
0.45%
36.0th percentile
Dell SmartFabric Storage Software, versions prior to 1.4.5, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Filesystem access for attacker.

Affected

2 ranges
VendorProductVersion rangeFixed in
dellsmartfabric_storage_software< 1.4.5 or later1.4.5 or later
dellsmartfabric_storage_software< 1.4.51.4.5
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.