Zero Day MonitorZDM

← Back to list

4.3

CVE-2026-23773EXPLOITEDPATCHED

dell · disk library for mainframe

CVE-2026-23773: Dell Disk Library for Mainframe, version(s) DLm 8700/2700 contain(s) a Server-Side Request Forgery (SSRF) vulnerability.

Description

Dell Disk Library for Mainframe, version(s) DLm 8700/2700 contain(s) a Server-Side Request Forgery (SSRF) vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Server-side request forgery.

Affected Products

Vendor	Product	Versions
dell	disk library for mainframe	0, 0

References

https://www.dell.com/support/kbdoc/en-us/000458131/dsa-2026-091-security-update-for-dell-disk-library-for-mainframe-vulnerabilities?lang=en(vendor-advisory)

Related News (1 articles)

Tier C

VulDB5d ago

CVE-2026-23773 | Dell Disk Library for mainframe DLm2700 server-side request forgery (dsa-2026-091)

→ No new info (linked only)

CVSS 3.14.3 MEDIUM

VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

7.0.1.0 or later

CWECWE-918

PublishedApr 29, 2026

Last enriched5d agov2

Trending Score18

Source articles1

Independent1

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-35155EXP

CVE-2026-35155: Dell iDRAC10, versions 1.20.70.50 and 1.30.05.10, contains an Insufficiently Protected Credentials vulnerability. A race

Dell security advisory (AV26-414)

MEDIUMCVE-2026-27105

CVE-2026-27105: Dell/Alienware Purchased Apps, versions prior to 1.1.31.0, contain an Improper Link Resolution Before File Access ('Link

MEDIUMCVE-2026-25908

CVE-2026-25908: Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain an Execution with Unnecessary Privileges vulne

MEDIUMCVE-2026-32655

CVE-2026-32655: Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain a Least Privilege Violation vulnerability. A l

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 29, 2026

Discovered by ZDM

Apr 29, 2026

Updated: severity, activelyExploited

Apr 29, 2026

Actively Exploited

Apr 29, 2026

Patch Available

Apr 29, 2026

Version History

v2

Last enriched 5d ago

v2Tier C5d ago

Updated severity to CRITICAL and marked the vulnerability as actively exploited.

severityactivelyExploited

via VulDB

v15d ago

Initial creation