CVE Catalog

CVE-2026-41121

HighCVSS 7.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

3th percentile — higher than 3% of all known CVEs

Summary

Dell Device Management Agent, versions prior to DDMA 26.05, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.

Risk Assessment

The risk for the organization is the potential for privilege escalation by a local attacker, which could lead to unauthorized access to sensitive data or systems.

Recommendation

It is recommended to immediately update Dell Device Management Agent to version 26.05 or later to remediate this vulnerability.

Original NVD description (English source)

Dell Device Management Agent, versions prior to DDMA 26.05, contain an Improper Link Resolution Before File Access ('Link Following’) vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS