Zero Day MonitorZDM

← Back to list

4.4

CVE-2026-24511PATCHED

dell · powerscale onefs

CVE-2026-24511: Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.6 and versions 9.11.0.0 through 9.13.0.0, contains a generation o

Description

Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.6 and versions 9.11.0.0 through 9.13.0.0, contains a generation of error message containing sensitive information vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to information disclosure.

Affected Products

Vendor	Product	Versions
dell	powerscale onefs	0

References

https://www.dell.com/support/kbdoc/en-us/000449337/dsa-2026-125-security-update-for-dell-powerscale-onefs-multiple-vulnerabilities(vendor-advisory)

Related News (2 articles)

Tier C

VulDB2d ago

CVE-2026-24511 | Dell PowerScale OneFS up to 9.5.0.0/9.10.1.6/9.11.0.0/9.13.0.0 information exposure (dsa-2026-125)

→ No new info (linked only)

Tier B

BSI Advisories3d ago

[NEU] [mittel] Dell PowerScale OneFS: Mehrere Schwachstellen

→ No new info (linked only)

CVSS 3.14.4 MEDIUM

VectorCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CISA KEV❌ No

Actively exploited❌ No

Patch available

9.10.1.7 or later

CWECWE-209

PublishedApr 8, 2026

Last enriched2d agov2

Trending Score25

Source articles2

Independent2

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

MEDIUMCVE-2026-27102

CVE-2026-27102: Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.6 and versions 9.11.0.0 through 9.13.0.1, contains an incorrect p

HIGHCVE-2026-28261

CVE-2026-28261: Dell Elastic Cloud Storage, version 3.8.1.7 and prior, and Dell ObjectScale, versions prior to 4.1.0.3 and version 4.2.0

HIGHCVE-2026-22768

CVE-2026-22768: Dell AppSync, version(s) 4.6.0, contain(s) an Incorrect Permission Assignment for Critical Resource vulnerability. A low

LOWCVE-2026-28264

CVE-2026-28264: Dell PowerProtect Agent Service, version(s) prior to 20.1, contain(s) an Incorrect Permission Assignment for Critical Re

MEDIUMCVE-2026-27101

CVE-2026-27101: Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application version(s) 5.28.00.xx to 5.32.00.xx, contain(s) an Impro

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 8, 2026

Discovered by ZDM

Apr 8, 2026

Updated: severity

Apr 8, 2026

Patch Available

Apr 8, 2026

Version History

v2

Last enriched 2d ago

v2Tier C2d ago

Updated severity from MEDIUM to HIGH and clarified that no exploit is available.

severity

via VulDB

v12d ago

Initial creation