CVE-2025-46371

Dell PowerFlex Manager, versions =4.6.2, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability in the ssh. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Protection mechanism bypass...

PT-2026-33349

Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an improper resource shutdown or release vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to denial of service...

EUVD-2026-20445

Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.6 and versions 9.11.0.0 through 9.13.0.0, contains a generation of error message containing sensitive information vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to information...

EUVD-2026-20468

Dell Elastic Cloud Storage, version 3.8.1.7 and prior, and Dell ObjectScale, versions prior to 4.1.0.3 and version 4.2.0.0, contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading...

CVE-2026-24508

Dell Alienware Command Center AWCC, versions prior to 6.12.24.0, contain an Improper Certificate Validation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure...

CVE-2026-21418

Dell Unity, versions 5.5.2 and prior, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root...

EUVD-2023-2244

Malicious code in bioql PyPI...

CVE-2025-32753

Summary: CVE-2025-32753 in Dell PowerScale OneFS (versions 9.5.0.0–9.10.0.1) is an SQL injection flaw caused by improper neutralization of certain SQL elements. A low-privilege, locally authenticated attacker could trigger denial of service, information disclosure, and information tampering. Affe...

CVE-2025-26331

Dell ThinOS 2411 and prior, contains an Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution...

GHSA-8278-88VV-X98R Execution of untrusted code through config file

Impact It is possible to run arbitrary commands through the yaml.load method. This could allow an attacker with local access to the host to run arbitrary code by running the application with a specially crafted YAML configuration file. Workarounds Manually adjust yaml.load to yaml.safeload For mo...