Vulnerability Details CVE-2026-26951
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain a stack-based buffer overflow vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 3.0%
CVSS Severity
CVSS v3 Score 6.7
Products affected by CVE-2026-26951
-
cpe:2.3:a:dell:powerprotect_dp_series_appliance:*
-
cpe:2.3:o:dell:data_domain_operating_system:7.10.1.0
-
cpe:2.3:o:dell:data_domain_operating_system:7.10.1.30
-
cpe:2.3:o:dell:data_domain_operating_system:7.10.1.40
-
cpe:2.3:o:dell:data_domain_operating_system:7.10.1.50
-
cpe:2.3:o:dell:data_domain_operating_system:7.10.1.60
-
cpe:2.3:o:dell:data_domain_operating_system:7.10.1.70
-
cpe:2.3:o:dell:data_domain_operating_system:7.10.1.80
-
cpe:2.3:o:dell:data_domain_operating_system:7.11.0.0
-
cpe:2.3:o:dell:data_domain_operating_system:7.13
-
cpe:2.3:o:dell:data_domain_operating_system:7.13.1.0
-
cpe:2.3:o:dell:data_domain_operating_system:7.13.1.10
-
cpe:2.3:o:dell:data_domain_operating_system:7.13.1.20
-
cpe:2.3:o:dell:data_domain_operating_system:7.13.1.25
-
cpe:2.3:o:dell:data_domain_operating_system:7.13.1.30
-
cpe:2.3:o:dell:data_domain_operating_system:7.13.1.40
-
cpe:2.3:o:dell:data_domain_operating_system:7.13.1.50
-
cpe:2.3:o:dell:data_domain_operating_system:7.7.1.0
-
cpe:2.3:o:dell:data_domain_operating_system:7.7.5.40
-
cpe:2.3:o:dell:data_domain_operating_system:7.7.5.50
-
cpe:2.3:o:dell:data_domain_operating_system:7.8.0.0
-
cpe:2.3:o:dell:data_domain_operating_system:8.3.1.0
-
cpe:2.3:o:dell:data_domain_operating_system:8.3.1.10
-
cpe:2.3:o:dell:data_domain_operating_system:8.3.1.20
-
cpe:2.3:o:dell:data_domain_operating_system:8.4.0.0
-
cpe:2.3:o:dell:data_domain_operating_system:8.5.0.0
-
cpe:2.3:o:dell:data_domain_operating_system:8.6.0.0