External Control of File Name or Path Vulnerability in Dell Unisphere for PowerMax
CVE-2026-26360

8.1HIGH

Key Information:

Vendor: Dell
Status: Unisphere For Powermax; Powermax
Vendor: CVE Published:; 19 February 2026

What is CVE-2026-26360?

A vulnerability has been identified in Dell Unisphere for PowerMax, where a low privileged attacker with remote access could exploit this weakness to delete arbitrary files from the system. This presents a risk as it could disrupt operations, compromise data integrity, and create potential avenues for further attacks.

Affected Version(s)

PowerMax < 10.3.0.1 or later

Unisphere for PowerMax < 10.3.0.1 or later

References

https://www.dell.com/support/kbdoc/en-us/000429268/dsa-20...

vendor-advisory

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 19, 2026
Vulnerability Reserved
Feb 13, 2026

CVE-2026-26360 Data

JSON