CVE-2026-41121
HighCVSS 7.3Exploitation Probability (EPSS)
Low risk3th percentile — higher than 3% of all known CVEs
Summary
Dell Device Management Agent, versions prior to DDMA 26.05, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
Risk Assessment
The risk for the organization is the potential for privilege escalation by a local attacker, which could lead to unauthorized access to sensitive data or systems.
Recommendation
It is recommended to immediately update Dell Device Management Agent to version 26.05 or later to remediate this vulnerability.
Original NVD description (English source)
Dell Device Management Agent, versions prior to DDMA 26.05, contain an Improper Link Resolution Before File Access ('Link Following’) vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.

