CVE-2026-22270
Received Received - Intake
Uncontrolled Search Path Vulnerability in Dell PowerScale OneFS

Publication date: 2026-03-04

Last updated on: 2026-03-04

Assigner: Dell

Description
Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an uncontrolled search path element vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to denial of service, elevation of privileges, and information disclosure.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-04
Last Modified
2026-03-04
Generated
2026-06-16
AI Q&A
2026-03-04
EPSS Evaluated
2026-06-14
NVD
CVE-2026-22270
EUVD
EUVD-2026-9391
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
dell powerscale_onefs to 9.10.1.6 (exc)
dell powerscale_onefs From 9.11.0.0 (inc) to 9.13.0.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-427 The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in Dell PowerScale OneFS versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1. It is an uncontrolled search path element vulnerability, which means that the software improperly handles the search path for executable files or libraries.

A high privileged attacker with local access could exploit this flaw to execute unauthorized actions.

Impact Analysis

Exploitation of this vulnerability can lead to several serious impacts including denial of service, elevation of privileges, and information disclosure.

  • Denial of Service (DoS) - The attacker could disrupt normal operations of the system.
  • Elevation of Privileges - The attacker could gain higher access rights than intended.
  • Information Disclosure - Sensitive information could be exposed to unauthorized users.
Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-22270. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart