Zero Day MonitorZDM

← Back to list

8.1

CVE-2026-26354PATCHED

dell · powerprotect data domain

CVE-2026-26354: Dell PowerProtect Data Domain with Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.6, LTS2

Description

Dell PowerProtect Data Domain with Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.60, contain a stack-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution.

Affected Products

Vendor	Product	Versions
dell	powerprotect data domain	0, 0, 0, 0

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
dell	powerprotect data domain os	cert_advisory	90%

References

https://www.dell.com/support/kbdoc/en-us/000450699/dsa-2026-060-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities(vendor-advisory)

Related News (2 articles)

Tier B

BSI Advisories4d ago

[NEU] [hoch] Dell PowerProtect Data Domain OS: Schwachstelle ermöglicht Codeausführung

→ No new info (linked only)

Tier C

VulDB4d ago

CVE-2026-26354 | Dell PowerProtect Data Domain up to 7.13.1.60/8.3.1.10/8.6 stack-based overflow (dsa-2026-060)

→ No new info (linked only)

CVSS 3.18.1 HIGH

VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA KEV❌ No

Actively exploited❌ No

Patch available

8.6.1.108.7.0.0 or later8.3.1.20 or later7.13.1.60 or later2.7.9 with DD OS 8.3.1.30

CWECWE-121

PublishedApr 22, 2026

Last enriched4d agov2

Trending Score26

Source articles2

Independent2

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

Multiple Vulnerabilities in Dell Networking OS10, Dell Storage Monitoring and Reporting, Dell Storage Resource Manager, and Dell VxRail Appliance

HIGHCVE-2026-24506EXP

CVE-2026-24506: Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 r

HIGHCVE-2026-23774EXP

CVE-2026-23774: Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5,

HIGHCVE-2026-26943EXP

CVE-2026-26943: Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 r

HIGHCVE-2026-26944

CVE-2026-26944: Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 r

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 22, 2026

Discovered by ZDM

Apr 22, 2026

Updated: severity

Apr 22, 2026

Patch Available

Apr 23, 2026

Version History

v2

Last enriched 4d ago

v2Tier C4d ago

Updated severity to CRITICAL and corrected exploit availability to false.

severity

via VulDB

v14d ago

Initial creation