VYPR
Medium severity5.8NVD Advisory· Published May 11, 2026· Updated May 12, 2026

CVE-2026-35157

CVE-2026-35157

Description

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper neutralization of formula elements in a CSV File vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to remote execution.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • cpe:2.3:a:dell:elastic_cloud_storage:*:*:*:*:*:*:*:*
    Range: >=3.8.1.0,<4.3.0.0
  • Dell/Objectscale2 versions
    cpe:2.3:a:dell:objectscale:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:dell:objectscale:*:*:*:*:*:*:*:*range: <4.3.0.0
    • (no CPE)range: <4.3.0.0
  • Dell/ECSllm-fuzzy
    Range: >=3.8.1.0 <=3.8.1.7

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.