CVE-2026-35155 HIGH

CVE-2026-35155

Vendor Dell
Product iDRAC10
Weakness CWE-522 · Insufficiently protected credentials
Published April 29, 2026
Last update April 30, 2026

CVSS base score

7.1/10
Attack vector Network
Attack complexity High
Privileges required Low
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Dell iDRAC10, versions 1.20.70.50 and 1.30.05.10, contains an Insufficiently Protected Credentials vulnerability. A race condition vulnerability exists that could allow an authenticated low‑privileged attacker to gain elevated access.

Key dates

02Disclosure timeline

April 29, 2026 CVE published
April 30, 2026 Record updated