CVE-2025-26483HIGH 8.2EPSS p6.9%

CVE-2025-26483CVE-2025-26483

Description

Dell PowerFlex Manager, versions 4.6.2 and prior, contains an Open Redirect Vulnerability. An unauthenticated attacker could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information.

Scoring

CVSS 3.18.2 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N
EPSS0.17% probability of exploitation · percentile 6.9% · 2026-06-18T12:00:27Z
Published2026-05-22
Last modified2026-05-22

Underlying weaknesses· 1

CWE-601

References

  1. https://www.dell.com/support/kbdoc/en-us/000391392/dsa-2025-434-security-update-for-dell-powerflex-appliance-multiple-third-party-component-vulnerabilities
  2. https://www.dell.com/support/kbdoc/en-us/000391568/dsa-2025-435-security-update-for-dell-powerflex-rack-multiple-third-party-component-vulnerabilities

1

TypeTargetConfidenceTier
WeaknessURL Redirection to Untrusted Site ('Open Redirect')cwe-6010%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-32750
CVE
CVE-2025-24381
CVE
CVE-2026-28264
CVE
CVE-2025-36594
CVE
CVE-2026-22266
CVE
CVE-2026-22267
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.