CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-26331

Dell ThinOS 2411 and prior, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 16.0%

CVSS Severity

CVSS v3 Score 7.8

References

Products affected by CVE-2025-26331

Dell » Latitude 3420 » Version: N/A

cpe:2.3:h:dell:latitude_3420:-
Dell » Latitude 3440 » Version: N/A

cpe:2.3:h:dell:latitude_3440:-
Dell » Latitude 5440 » Version: N/A

cpe:2.3:h:dell:latitude_5440:-
Dell » Latitude 5450 » Version: N/A

cpe:2.3:h:dell:latitude_5450:-
Dell » Optiplex 3000 Thin Client » Version: N/A

cpe:2.3:h:dell:optiplex_3000_thin_client:-
Dell » Optiplex 5400 All-In-One » Version: N/A

cpe:2.3:h:dell:optiplex_5400_all-in-one:-
Dell » Optiplex 7410 All-In-One » Version: N/A

cpe:2.3:h:dell:optiplex_7410_all-in-one:-
Dell » Optiplex 7420 All-In-One » Version: N/A

cpe:2.3:h:dell:optiplex_7420_all-in-one:-
Dell » Wyse 5070 Thin Client » Version: N/A

cpe:2.3:h:dell:wyse_5070_thin_client:-
Dell » Wyse 5470 All-In-One Thin Client » Version: N/A

cpe:2.3:h:dell:wyse_5470_all-in-one_thin_client:-
Dell » Wyse 5470 Mobile Thin Client » Version: N/A

cpe:2.3:h:dell:wyse_5470_mobile_thin_client:-
Dell » Thinos » Version: Any

cpe:2.3:o:dell:thinos:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-26331

Products

Pricing

Contact Us