Dell threat watch

Dell product CVE coverage for endpoints, servers, storage platforms, firmware, management tools, and enterprise hardware.

Watch items

Recent Dell watch items

Showing the 20 most recent items, newest first. Each row links to the official advisory.

20 rows · sorted newest first

Operations view

display and peripheral manager vulnerability (CVE-2026-46734)

HIGH
watchNVDCVE-2026-46734

Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain an Improper Certificate Validation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Protection mechanism bypass.

Jun 25, 2026, 9:16 AMOfficial source

display and peripheral manager vulnerability (CVE-2026-46732)

HIGH
watchNVDCVE-2026-46732

Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain a Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.

Jun 25, 2026, 9:16 AMOfficial source

wyse management suite vulnerability (CVE-2026-44271)

HIGH
watchNVDCVE-2026-44271

Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.

Jun 22, 2026, 3:16 PMOfficial source

powerflex manager vulnerability (CVE-2026-35069)

HIGH
watchNVDCVE-2026-35069

Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Script injection.

Jun 17, 2026, 12:16 PMOfficial source

powerflex manager vulnerability (CVE-2026-49502)

HIGH
watchNVDCVE-2026-49502

Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure, Information tampering, and Unauthorized access.

Jun 17, 2026, 10:16 AMOfficial source

powerflex manager vulnerability (CVE-2026-35067)

HIGH
watchNVDCVE-2026-35067

Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Access Control vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Elevation of privileges and Unauthorized access.

Jun 17, 2026, 10:16 AMOfficial source

powerflex manager vulnerability (CVE-2026-22283)

HIGH
watchNVDCVE-2026-22283

Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Inclusion of Functionality from Untrusted Control Sphere vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.

Jun 17, 2026, 10:16 AMOfficial source

unisphere for powermax virtual appliance vulnerability (CVE-2022-34363)

HIGH
watchNVDCVE-2022-34363

Dell Unisphere for PowerMax vApp version prior to 10.0.0.2, contains an authorization bypass vulnerability in the  Unisphere for VMAX application running in vApp

May 22, 2026, 11:16 AMOfficial source

elastic cloud storage vulnerability (CVE-2022-31231)

HIGH
watchNVDCVE-2022-31231

Dell ECS, versions 3.5 and 3.6, contain an Improper Access Control in the Identity and Access Management (IAM) module. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to gaining read access to unauthorized data.

May 22, 2026, 11:16 AMOfficial source

powerflex appliance intelligent catalog vulnerability (CVE-2025-32749)

HIGH
watchNVDCVE-2025-32749

Dell PowerFlex Manager, version(s) <=4.6.2, contain(s) an Exposure of Information Through Directory Listing vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

May 22, 2026, 9:16 AMOfficial source

powerflex appliance intelligent catalog vulnerability (CVE-2025-32747)

HIGH
watchNVDCVE-2025-32747

Dell PowerFlex Manager, version(s) <=4.6.2, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.

May 22, 2026, 9:16 AMOfficial source

powerflex appliance intelligent catalog vulnerability (CVE-2025-26483)

HIGH
watchNVDCVE-2025-26483

Dell PowerFlex Manager, versions 4.6.2 and prior, contains an Open Redirect Vulnerability. An unauthenticated attacker could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information.

May 22, 2026, 9:16 AMOfficial source

elastic cloud storage vulnerability (CVE-2026-40636)

HIGH
watchNVDCVE-2026-40636

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains a use of hard-coded credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to filesystem access for attacker.

May 11, 2026, 5:16 AMOfficial source

elastic cloud storage vulnerability (CVE-2026-35157)

CRITICAL
watchNVDCVE-2026-35157

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper neutralization of formula elements in a CSV File vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to remote execution.

May 11, 2026, 5:16 AMOfficial source

automation platform vulnerability (CVE-2026-32658)

HIGH
watchNVDCVE-2026-32658

Dell Automation Platform versions prior to 2.0.0.0, contains a missing authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.

May 11, 2026, 5:16 AMOfficial source

dell\/alienware purchased apps vulnerability (CVE-2026-27105)

HIGH
watchNVDCVE-2026-27105

Dell/Alienware Purchased Apps, versions prior to 1.1.31.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Arbitrary File Write

Apr 29, 2026, 2:16 PMOfficial source

alienware command center vulnerability (CVE-2026-32655)

HIGH
watchNVDCVE-2026-32655

Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain a Least Privilege Violation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.

Apr 27, 2026, 2:16 PMOfficial source

alienware command center vulnerability (CVE-2026-25908)

HIGH
watchNVDCVE-2026-25908

Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain an Execution with Unnecessary Privileges vulnerability in the AWCC. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.

Apr 27, 2026, 1:16 PMOfficial source

powerprotect dp series appliance vulnerability (CVE-2026-26354)

CRITICAL
watchNVDCVE-2026-26354

Dell PowerProtect Data Domain with Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.60, contain a stack-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution.

Apr 22, 2026, 2:17 PMOfficial source

powerprotect dp series appliance vulnerability (CVE-2026-26942)

HIGH
watchNVDCVE-2026-26942

Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS command injection vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges.

Apr 20, 2026, 12:16 PMOfficial source

Vendor watch hub

What this page covers

The Dellwatch hub is a vendor-specific view inside ITECS MSP Threat Radar. We pull the latest security advisories, incidents, and known-exploited CVEs directly from the official feeds below, score each one for MSP relevance, and surface what's most likely to need attention this week.

  • Confirm whether recent Dell activity overlaps with your environment.
  • Prioritize advisories by MSP-relevance score, severity, and status.
  • Turn the signal into an assessment, briefing, or managed-service engagement with ITECS.

At a glance

Tracked

65

Active

2

Featured

20

Unique CVEs

20

Most recent entry

Jun 25, 2026, 9:16 AM

Feed refreshes daily · 5:15 a.m. Central

Sources·CISA KEV and NVD (product vendor coverage)

"Most recent entry" is the newest item the upstream feed has published — not our sync time.

Related vendors

Other productivity vendors in the radar

Vendor watch FAQ

Common questions

What is the Dell threat watch page?

It is the Dell-specific view inside ITECS Threat Radar, built to track recent advisories, incidents, and watch items that may affect Dallas-area business operations.

How should teams use the Dell watch page?

Use it to confirm whether current Dell issues overlap with your environment, prioritize remediation, and decide whether you need an assessment, managed security follow-through, or vendor-specific hardening work.

Can ITECS help respond to Dell security issues?

Yes. ITECS can help map Dell advisories against your systems, validate affected services, prioritize remediation, and connect the issue to broader managed cybersecurity or managed IT workflows.