CVE-2025-46638PATCHED

dell · bsafe ssl-j

CVE-2025-46638: Dell BSAFE SSL-J contains an allocation of resources without limits or throttling vulnerability. An unauthenticated remo

Description

Dell BSAFE SSL-J contains an allocation of resources without limits or throttling vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to a Denial of Service (DoS).

Affected Products

Vendor	Product	Versions
dell	bsafe ssl-j	0, 7.3

References

https://www.dell.com/support/kbdoc/en-us/000398976/dsa-2025-432-security-update-for-dell-bsafe-ssl-j-vulnerability(vendor-advisory)

Related News (1 articles)

Tier C

VulDB4d ago

CVE-2025-46638 | Dell BSAFE SSL-J up to 7.3 allocation of resources (dsa-2025-432)

→ No new info (linked only)

CVSS 3.17.5 CRITICAL

VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA KEV❌ No

Actively exploited❌ No

Patch available

7.4

CWECWE-770

PublishedJun 4, 2026

Last enriched4d agov2

Trending Score24

Source articles1

Independent1

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

PRE-CVE

Multiple Vulnerabilities in Dell Products Including Dell Private Cloud, PowerSwitch Z9864F-ON, Dell Automation Platform, and Dell VxRail Appliance

Trending: 20

MEDIUMCVE-2026-40713EXP

CVE-2026-40713: Dell ThinOS 10, versions prior to ThinOS10 2602_10.0765, contain an Improper Access control vulnerability. An unauthenti

Trending: 19

HIGHCVE-2026-40715

CVE-2026-40715: Dell ThinOS 10, versions prior to ThinOS10 2602_10.0765, contain an Improper Access Control vulnerability. A low privile

Trending: 16

MEDIUMCVE-2026-35070

CVE-2026-35070: Dell SmartFabric Storage Software, versions prior to 1.4.5, contains an Improper Neutralization of Special Elements used

Trending: 8

NONECVE-2026-9489EXP

NitroSense V3: Local Privilege Escalation (LPE) vulnerability

Trending: 5

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Jun 4, 2026

Discovered by ZDM

Jun 4, 2026

Patch Available

Jun 4, 2026

Updated: affectedVersions, severity

Jun 4, 2026

Version History

Last enriched 4d ago

v2Tier C4d ago

Updated affected versions to include 7.3, changed severity to CRITICAL, and noted that no exploit is available.

affectedVersionsseverity

via VulDB

v14d ago

Initial creation