← back
CVE-2026-41124

CVE-2026-41124

CVSS 2.3 LOWEPSS 0.1%CWE-22
Vexday Risk Score
8Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 2.3EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
03 Jul 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an Improper limitation of a pathname to a restricted directory ('path traversal') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N