Vulnerability Details CVE-2026-35157
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper neutralization of formula elements in a CSV File vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to remote execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 23.4%
CVSS Severity
CVSS v3 Score 5.8
Products affected by CVE-2026-35157
-
cpe:2.3:a:dell:elastic_cloud_storage:3.8.1.0
-
cpe:2.3:a:dell:elastic_cloud_storage:3.8.1.1
-
cpe:2.3:a:dell:elastic_cloud_storage:3.8.1.2
-
cpe:2.3:a:dell:elastic_cloud_storage:3.8.1.3
-
cpe:2.3:a:dell:elastic_cloud_storage:3.8.1.4
-
cpe:2.3:a:dell:elastic_cloud_storage:3.8.1.5
-
cpe:2.3:a:dell:elastic_cloud_storage:3.8.1.6
-
cpe:2.3:a:dell:objectscale:*