CVE-2026-23862

HIGH

7.8

CVSS Severity Score

EPSS Score0.1190%

EPSS Percentile31.08th

PublishedMar 16, 2026

Last ModifiedJun 2, 2026

Vulnerability Description

Dell ThinOS 10 versions prior to ThinOS 2602_10.0573, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.

Affected Platforms (CPE)

💻

Dell

Thinos

>= 2602 and < 2602.10.0573

References & Advisories

🔗 https://www.dell.com/support/kbdoc/en-us/000435801/dsa-2026-122

Related Vulnerabilities

CVE-2020-2949110.0

Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker...

CVE-2020-2949210.0

Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker...

CVE-2010-303110.0

Buffer overflow in Wyse ThinOS HF 4.4.079i, and possibly other versions before ThinOS 6.5, allows remote attackers to cause a deni...

CVE-2021-344239.8

A buffer overflow vulnerability was discovered in Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before ve...