# CVE-2026-23779

> Vulnerability · severity: **MEDIUM** (CVSS 6.7).

## Description

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a command injection vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to gain root-level access.

## Key facts

- **CVE ID:** CVE-2026-23779
- **Published:** 2026-04-17
- **CVSS severity:** MEDIUM
- **CVSS base score:** 6.7
- **CWE codes:** CWE-77

## Affected products

- `dell:powerprotect_dp_series_appliance`
- `dell:data_domain_operating_system`

## Primary sources

- NIST NVD: https://nvd.nist.gov/vuln/detail/CVE-2026-23779

## Citation

> AI Analytics. CVE-2026-23779. Retrieved 2026-07-19 from https://api.ai-analytics.org/cve/CVE-2026-23779. Derived from NIST NVD. Licensed CC0.

---

*[Dataset catalog](https://api.ai-analytics.org/datasets/) · [AI Analytics](https://api.ai-analytics.org/) · CC0 1.0*