Improper Privilege Management in Dell ECS and ObjectScale Products
CVE-2026-26946

6.7MEDIUM

Key Information:

Vendor: Dell
Status: Ecs; Objectscale
Vendor: CVE Published:; 11 May 2026

What is CVE-2026-26946?

Dell ECS (versions 3.8.1.0 to 3.8.1.7) and ObjectScale (versions prior to 4.3.0.0) exhibit an improper privilege management vulnerability. This security flaw allows attackers with local access to gain elevated privileges, potentially compromising the system's integrity. It is crucial for users and administrators of affected products to apply the latest security updates to mitigate risks associated with potential exploitation. For further details, refer to the vendor advisory.

Affected Version(s)

ECS 0 < 4.3.0.0 or later

ObjectScale 0 < 4.3.0.0 or later

References

https://www.dell.com/support/kbdoc/en-us/000462117/dsa-20...

vendor-advisory

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 11, 2026
Vulnerability Reserved
Feb 16, 2026

CVE-2026-26946 Data

JSON