Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
2764 articles · 174925 vulns · 37/41 feeds (7d)
← Back to list
8.5
CVE-2026-56690EXPLOITEDPATCHED
dell · powerflex manager

CVE-2026-56690: Dell PowerFlex Manager, Version prior to 5.1.0.1, contain(s) an Improper Neutralization of Special Elements used in an S

Description

Dell PowerFlex Manager, Version prior to 5.1.0.1, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure, Information exposure, and Unauthorized access.

Affected Products

VendorProductVersions
dellpowerflex manager0, 0

References

  • https://www.dell.com/support/kbdoc/en-us/000477538/dsa-2026-066-security-update-for-powerflex-software-multiple-vulnerabilities(vendor-advisory)

Related News (1 articles)

Tier C
VulDB3d ago
CVE-2026-56690 | Dell PowerFlex Manager 4.6.2.1 SQL Command sql injection
→ No new info (linked only)
CVSS 3.18.5 HIGH
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
CISA KEV❌ No
Actively exploited✅ Yes
Patch available
5.1.0.1 or later4.5.5.2 or later
CWECWE-89
PublishedJul 10, 2026
Last enriched3d agov2
Trending Score27
Source articles1
Independent1
Info Completeness9/14
Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

MEDIUMCVE-2026-40639
CVE-2026-40639: Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability. An unauthenticated attacker with physical
Trending: 42
CRITICALCVE-2026-54469EXP
CVE-2026-54469: Dell Unisphere for PowerMax, version(s) 10.3.0.5 and prior, contain(s) a Deserialization of Untrusted Data vulnerability
Trending: 30
CRITICALCVE-2026-53483
CVE-2026-53483: Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 r
Trending: 28
HIGHCVE-2026-56689EXP
CVE-2026-56689: Dell PowerFlex Manager, Version prior to 5.1.0.1, contain(s) an Improper Neutralization of Special Elements used in an S
Trending: 27
CRITICALCVE-2026-53481
CVE-2026-53481: Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 r
Trending: 22

Pin to Dashboard

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published
Jul 10, 2026
Discovered by ZDM
Jul 10, 2026
Updated: affectedVersions, severity, activelyExploited
Jul 10, 2026
Actively Exploited
Jul 10, 2026
Patch Available
Jul 10, 2026

Version History

v2
Last enriched 3d ago
v2Tier C3d ago

Updated severity to CRITICAL, added affected version 4.6.2.1, and noted that no exploit is available.

affectedVersionsseverityactivelyExploited
via VulDB
v13d ago

Initial creation