Uncontrolled Search Path Element in Dell Repository Manager
CVE-2026-21420

7.3HIGH

Key Information:

Vendor: Dell
Status: Repository Manager
Vendor: CVE Published:; 23 February 2026

What is CVE-2026-21420?

Dell Repository Manager (DRM) versions prior to 3.4.8 are susceptible to an Uncontrolled Search Path Element vulnerability. This weakness allows a low privileged attacker with local access to exploit the system, leading to the potential execution of arbitrary code and escalation of their privileges. Protecting systems running affected versions is crucial to prevent unauthorized malicious activities.

Affected Version(s)

Repository Manager < 3.4.8 or later

References

https://www.dell.com/support/kbdoc/en-us/000430183/dsa-20...

vendor-advisory

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 23, 2026
Vulnerability Reserved
Dec 24, 2025

CVE-2026-21420 Data

JSON