Showing the 20 most recent items, newest first. Each row links to the official advisory.
20 rows · sorted newest first
Operations view
display and peripheral manager vulnerability (CVE-2026-46734)
HIGH
watchNVDCVE-2026-46734
Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain an Improper Certificate Validation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Protection mechanism bypass.
display and peripheral manager vulnerability (CVE-2026-46732)
HIGH
watchNVDCVE-2026-46732
Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain a Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
wyse management suite vulnerability (CVE-2026-44271)
HIGH
watchNVDCVE-2026-44271
Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.
Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Script injection.
Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure, Information tampering, and Unauthorized access.
Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Access Control vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Elevation of privileges and Unauthorized access.
Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Inclusion of Functionality from Untrusted Control Sphere vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.
unisphere for powermax virtual appliance vulnerability (CVE-2022-34363)
HIGH
watchNVDCVE-2022-34363
Dell Unisphere for PowerMax vApp version prior to 10.0.0.2, contains an authorization bypass vulnerability in the Unisphere for VMAX application running in vApp
Dell ECS, versions 3.5 and 3.6, contain an Improper Access Control in the Identity and Access Management (IAM) module. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to gaining read access to unauthorized data.
Dell PowerFlex Manager, version(s) <=4.6.2, contain(s) an Exposure of Information Through Directory Listing vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
Dell PowerFlex Manager, version(s) <=4.6.2, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
Dell PowerFlex Manager, versions 4.6.2 and prior, contains an Open Redirect Vulnerability. An unauthenticated attacker could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information.
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains a use of hard-coded credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to filesystem access for attacker.
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper neutralization of formula elements in a CSV File vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to remote execution.
Dell Automation Platform versions prior to 2.0.0.0, contains a missing authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.
Dell/Alienware Purchased Apps, versions prior to 1.1.31.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Arbitrary File Write
alienware command center vulnerability (CVE-2026-32655)
HIGH
watchNVDCVE-2026-32655
Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain a Least Privilege Violation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
alienware command center vulnerability (CVE-2026-25908)
HIGH
watchNVDCVE-2026-25908
Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain an Execution with Unnecessary Privileges vulnerability in the AWCC. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
powerprotect dp series appliance vulnerability (CVE-2026-26354)
CRITICAL
watchNVDCVE-2026-26354
Dell PowerProtect Data Domain with Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.60, contain a stack-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution.
powerprotect dp series appliance vulnerability (CVE-2026-26942)
HIGH
watchNVDCVE-2026-26942
Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS command injection vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges.
display and peripheral manager vulnerability (CVE-2026-46734)
Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain an Improper Certificate Validation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Protection mechanism bypass.
display and peripheral manager
HIGHCVE-2026-46734
Watch
Priority score blends severity, KEV, recency, source signal, and EPSS where available. 0.1% EPSS.
display and peripheral manager vulnerability (CVE-2026-46732)
Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain a Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
display and peripheral manager
HIGHCVE-2026-46732
Watch
Priority score blends severity, KEV, recency, source signal, and EPSS where available. 0.1% EPSS.
wyse management suite vulnerability (CVE-2026-44271)
Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.
wyse management suite
HIGHCVE-2026-44271
Watch
Priority score blends severity, KEV, recency, source signal, and EPSS where available. 0.2% EPSS.
Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Script injection.
powerflex manager
HIGHCVE-2026-35069
Watch
Priority score blends severity, KEV, recency, source signal, and EPSS where available. 0.2% EPSS.
Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure, Information tampering, and Unauthorized access.
powerflex manager
HIGHCVE-2026-49502
Watch
Priority score blends severity, KEV, recency, source signal, and EPSS where available. 0.2% EPSS.
Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Access Control vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Elevation of privileges and Unauthorized access.
powerflex manager
HIGHCVE-2026-35067
Watch
Priority score blends severity, KEV, recency, source signal, and EPSS where available. 0.1% EPSS.
Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Inclusion of Functionality from Untrusted Control Sphere vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.
powerflex manager
HIGHCVE-2026-22283
Watch
Priority score blends severity, KEV, recency, source signal, and EPSS where available. 0.2% EPSS.
unisphere for powermax virtual appliance vulnerability (CVE-2022-34363)
Dell Unisphere for PowerMax vApp version prior to 10.0.0.2, contains an authorization bypass vulnerability in the Unisphere for VMAX application running in vApp
unisphere for powermax virtual appliance
HIGHCVE-2022-34363
Watch
Priority score blends severity, KEV, recency, source signal, and EPSS where available. 0.0% EPSS.
Dell ECS, versions 3.5 and 3.6, contain an Improper Access Control in the Identity and Access Management (IAM) module. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to gaining read access to unauthorized data.
elastic cloud storage
HIGHCVE-2022-31231
Watch
Priority score blends severity, KEV, recency, source signal, and EPSS where available. 0.0% EPSS.
Dell PowerFlex Manager, version(s) <=4.6.2, contain(s) an Exposure of Information Through Directory Listing vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
powerflex appliance intelligent catalog
HIGHCVE-2025-32749
Watch
Priority score blends severity, KEV, recency, source signal, and EPSS where available. 0.0% EPSS.
Dell PowerFlex Manager, version(s) <=4.6.2, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
powerflex appliance intelligent catalog
HIGHCVE-2025-32747
Watch
Priority score blends severity, KEV, recency, source signal, and EPSS where available. 0.0% EPSS.
Dell PowerFlex Manager, versions 4.6.2 and prior, contains an Open Redirect Vulnerability. An unauthenticated attacker could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information.
powerflex appliance intelligent catalog
HIGHCVE-2025-26483
Watch
Priority score blends severity, KEV, recency, source signal, and EPSS where available. 0.1% EPSS.
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains a use of hard-coded credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to filesystem access for attacker.
elastic cloud storage
HIGHCVE-2026-40636
Watch
Priority score blends severity, KEV, recency, source signal, and EPSS where available. 0.1% EPSS.
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper neutralization of formula elements in a CSV File vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to remote execution.
elastic cloud storage
CRITICALCVE-2026-35157
Watch
Priority score blends severity, KEV, recency, source signal, and EPSS where available. 0.3% EPSS.
Dell Automation Platform versions prior to 2.0.0.0, contains a missing authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.
automation platform
HIGHCVE-2026-32658
Watch
Priority score blends severity, KEV, recency, source signal, and EPSS where available. 0.0% EPSS.
Dell/Alienware Purchased Apps, versions prior to 1.1.31.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Arbitrary File Write
dell\/alienware purchased apps
HIGHCVE-2026-27105
Watch
Priority score blends severity, KEV, recency, source signal, and EPSS where available. 0.0% EPSS.
alienware command center vulnerability (CVE-2026-32655)
Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain a Least Privilege Violation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
alienware command center
HIGHCVE-2026-32655
Watch
Priority score blends severity, KEV, recency, source signal, and EPSS where available. 0.0% EPSS.
alienware command center vulnerability (CVE-2026-25908)
Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain an Execution with Unnecessary Privileges vulnerability in the AWCC. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
alienware command center
HIGHCVE-2026-25908
Watch
Priority score blends severity, KEV, recency, source signal, and EPSS where available. 0.0% EPSS.
powerprotect dp series appliance vulnerability (CVE-2026-26354)
Dell PowerProtect Data Domain with Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.60, contain a stack-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution.
powerprotect dp series appliance
CRITICALCVE-2026-26354
Watch
Priority score blends severity, KEV, recency, source signal, and EPSS where available. 0.5% EPSS.
powerprotect dp series appliance vulnerability (CVE-2026-26942)
Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS command injection vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges.
powerprotect dp series appliance
HIGHCVE-2026-26942
Watch
Priority score blends severity, KEV, recency, source signal, and EPSS where available. 0.1% EPSS.
The Dellwatch hub is a vendor-specific view inside ITECS MSP Threat Radar. We pull the latest security advisories, incidents, and known-exploited CVEs directly from the official feeds below, score each one for MSP relevance, and surface what's most likely to need attention this week.
Confirm whether recent Dell activity overlaps with your environment.
Prioritize advisories by MSP-relevance score, severity, and status.
Turn the signal into an assessment, briefing, or managed-service engagement with ITECS.
At a glance
Tracked
65
Active
2
Featured
20
Unique CVEs
20
Most recent entry
Jun 25, 2026, 9:16 AM
Feed refreshes daily · 5:15 a.m. Central
Sources·CISA KEV and NVD (product vendor coverage)
"Most recent entry" is the newest item the upstream feed has published — not our sync time.
It is the Dell-specific view inside ITECS Threat Radar, built to track recent advisories, incidents, and watch items that may affect Dallas-area business operations.
How should teams use the Dell watch page?
Use it to confirm whether current Dell issues overlap with your environment, prioritize remediation, and decide whether you need an assessment, managed security follow-through, or vendor-specific hardening work.
Can ITECS help respond to Dell security issues?
Yes. ITECS can help map Dell advisories against your systems, validate affected services, prioritize remediation, and connect the issue to broader managed cybersecurity or managed IT workflows.