CVE-2026-35157 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5.8 MEDIUM	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L

Base Score

CVSS 3.x

EPSS Score

Percentile: 29%

Affected Products (NVD)

Vendor	Product	Version
dell	elastic_cloud_storage	3.8.1.0 ≤ 𝑥 < 4.3.0.0
dell	objectscale	𝑥 < 4.3.0.0

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
The software saves user-provided information into a Comma-Separated Value (CSV) file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is opened by spreadsheet software.

Vulnerability Media Exposure

[GERMAN] Dell ECS: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen in Dell ECS ausnutzen, um erweiterte Privilegien zu erlangen, beliebigen Code auszuführen und Sicherheitsmaßnahmen zu umgehen.
Published: 2026-05-11T22:00:00+00:00

References

https://www.dell.com/support/kbdoc/en-us/000462117/dsa-2026-047-security-update-for-dell-ecs-and-objectscale-multiple-vulnerabilities-1