CVE-2026-46735

HIGH

Dell Display And Peripheral Manager - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Title source: rule
STIX 2.1

Description

Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.

References (1)

Core 1

Scores

CVSS v3 7.8
EPSS 0.0069
EPSS Percentile 48.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-78
Status published
Products (1)
Dell/Display and Peripheral Manager < Version 2.3 and later
Published Jun 25, 2026
Tracked Since Jun 25, 2026