Medium severity5.8NVD Advisory· Published May 11, 2026· Updated May 12, 2026
CVE-2026-35157
CVE-2026-35157
Description
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper neutralization of formula elements in a CSV File vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to remote execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- cpe:2.3:a:dell:elastic_cloud_storage:*:*:*:*:*:*:*:*Range: >=3.8.1.0,<4.3.0.0
cpe:2.3:a:dell:objectscale:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:dell:objectscale:*:*:*:*:*:*:*:*range: <4.3.0.0
- (no CPE)range: <4.3.0.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.