6.3
CVE-2025-40896 - Lack of TLS certificate validation when connecting Arc to a Guardian or CMC, in Arc before v2.2.0
The server certificate was not verified when an Arc agent connected to a Guardian or CMC. A malicious actor could perform a man-in-the-middle attack and intercept the communication between the Arc agent and the Guardian or CMC. This could result in theft of the client token and sensitive informaβ¦
2
CVE-2025-40895 - HTML injection in Sensor Map in CMC before 25.6.0
A Stored HTML Injection vulnerability was discovered in the CMC's Sensor Map functionality due to improper validation on connected Guardians' properties. A malicious authenticated user with administrator privileges on a Guardian connected to a CMC can edit the Guardian's properties to inject HTMβ¦
2.1
CVE-2025-40894 - HTML injection in Alerted Nodes Dashboard in Guardian/CMC before 25.6.0
A Stored HTML Injection vulnerability was discovered in the Alerted Nodes Dashboard functionality due to improper validation on an input parameter. A malicious authenticated user with the required privileges could edit a node label to inject HTML tags. If the system is configured to use the Alerβ¦
5.3
CVE-2026-3103 - Deletion of passwords via RestApi
A logic error in the remove_password() function in Checkmk GmbH's Checkmk versions <2.4.0p23, <2.3.0p43, and 2.2.0 (EOL) allows a low-privileged user to cause data loss.
5.3
CVE-2026-25907 - Overly Restrictive Account Lockout Mechanism Causing Denial of Service in Dell PowerScale OneFS
Dell PowerScale OneFS, version 9.13.0.0, contains an overly restrictive account lockout mechanism vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.
3.4
CVE-2026-21422 - External Control of System Setting in Dell PowerScale OneFS Enables Protection Mechanism Bypass
Dell PowerScale OneFS, versions 9.10.0.0 through 9.13.1.0, contains an external control of system or configuration setting vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to protection mechanism bypass.
6.7
CVE-2026-21424 - Unnecessary Privilege Execution Elevates Local User Access in Dell PowerScale OneFS
Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an execution with unnecessary privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
6.7
CVE-2026-21421 - Local Privilege Escalation via Execution with Unnecessary Privileges in Dell PowerScale OneFS
Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an execution with unnecessary privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges.
6.7
CVE-2026-21426 -
Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an execution with unnecessary privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to denial of service, elevation of privilegesβ¦
6.7
CVE-2026-21423 -
Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an incorrect default permissions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to code execution, denial of service, elevation of prβ¦