CVE-2026-46465

Summary

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an use of externally-controlled format string vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure and denial of service.

Affected Software

VendorProductVersion RangeStatus
DellPowerProtect Data Domain0 < 8.8.0.0 or lateraffected
DellPowerProtect Data Domain0 < 8.6.1.20 or lateraffected
DellPowerProtect Data Domain0 < 8.3.1.40 or lateraffected
DellPowerProtect Data Domain0 < 7.13.1.80 or lateraffected

Weaknesses

  • CWE-134: CWE-134: Use of Externally-Controlled Format String

References