OS Command Injection Vulnerability in Dell Container Storage Modules
CVE-2026-40711

8HIGH

Key Information:

Vendor: Dell
Status: Container Storage Modules
Vendor: CVE Published:; 26 June 2026

What is CVE-2026-40711?

Dell Container Storage Modules, including versions csi-powerstore v2.16.0, csi-unity v2.16.0, csi-powerflex v2.16.0, and csi-powermax v2.16.0, have an OS Command Injection vulnerability. This flaw allows a high privileged attacker with remote access to execute arbitrary commands on the affected systems. Proper mitigation strategies must be implemented to safeguard against potential exploits targeting this vulnerability.

Affected Version(s)

Container Storage Modules 0 < 2.15.2 or later

Container Storage Modules 0 < 2.17.0 or later

References

https://www.dell.com/support/kbdoc/en-za/000478300/dsa-20...

vendor-advisory

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 26, 2026
Vulnerability Reserved
Apr 15, 2026

CVE-2026-40711 Data

JSON