CVE-2026-28265 MEDIUM

CVE-2026-28265

Vendor Dell
Product PowerStore
Weakness CWE-35
Published April 1, 2026
Last update April 1, 2026

CVSS base score

4.4/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

What the vulnerability does

01Description

PowerStore, contains a Path Traversal vulnerability in the Service user. A low privileged attacker with local access could potentially exploit this vulnerability, leading to modification of arbitrary system files.

Key dates

02Disclosure timeline

April 1, 2026 CVE published
April 1, 2026 Record updated