CVE-2026-41116

6.3 MEDIUM

Dell Inventory Collector Client, versions prior to 13.8.0, contain an Improper Link Resolution Before File Access ('Link Following') vuln...

Published: 2026-06-09 · Last updated: 2026-06-09

Severity and scoring

CVSS: 6.3 MEDIUM
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
CWE: CWE-1386

Description

Dell Inventory Collector Client, versions prior to 13.8.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Arbitrary File Write.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-41116
[Other]https://www.dell.com/support/kbdoc/en-us/000463760/dsa-2026-215

Related CVEs

Same CWE

CVE-2025-58074 — A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Store (8.8 HIGH)