CVE Catalog

CVE-2026-41116

MediumCVSS 6.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.01%

2th percentile - higher than 2% of all known CVEs

Summary

Dell Inventory Collector Client, versions prior to 13.8.0, contains an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Arbitrary File Write.

Risk Assessment

This vulnerability could allow an attacker to modify or write files on the system, potentially leading to serious data security breaches.

Recommendation

It is recommended to update the Dell Inventory Collector Client to version 13.8.0 or later to mitigate this vulnerability.

Original NVD description (English source)

Dell Inventory Collector Client, versions prior to 13.8.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Arbitrary File Write.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS