CVSS: 2.7EPSS: 0%CPEs: 1EXPL: 0CVE-2026-23859
https://notcve.org/view.php?id=CVE-2026-23859
24 Feb 2026 — Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-Side Security vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability to Protection mechanism bypass. • https://www.dell.com/support/kbdoc/en-us/000429141/dsa-2026-103 • CWE-602: Client-Side Enforcement of Server-Side Security •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2026-23858
https://notcve.org/view.php?id=CVE-2026-23858
24 Feb 2026 — Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Script Injection. • https://www.dell.com/support/kbdoc/en-us/000429141/dsa-2026-103 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2026-22766
https://notcve.org/view.php?id=CVE-2026-22766
24 Feb 2026 — Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote execution. • https://www.dell.com/support/kbdoc/en-us/000429141/dsa-2026-103 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2026-22765
https://notcve.org/view.php?id=CVE-2026-22765
24 Feb 2026 — Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Missing Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of Privileges. • https://www.dell.com/support/kbdoc/en-us/000429141/dsa-2026-103 • CWE-862: Missing Authorization •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-36576
https://notcve.org/view.php?id=CVE-2025-36576
10 Jun 2025 — Dell Wyse Management Suite, versions prior to WMS 5.2, contain a Cross-Site Request Forgery (CSRF) vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Server-side request forgery. • https://www.dell.com/support/kbdoc/en-us/000325679/dsa-2025-226 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-36577
https://notcve.org/view.php?id=CVE-2025-36577
10 Jun 2025 — Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection. • https://www.dell.com/support/kbdoc/en-us/000325679/dsa-2025-226 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-36580
https://notcve.org/view.php?id=CVE-2025-36580
10 Jun 2025 — Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection • https://www.dell.com/support/kbdoc/en-us/000325679/dsa-2025-226 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-36578
https://notcve.org/view.php?id=CVE-2025-36578
10 Jun 2025 — Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Incorrect Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access. • https://www.dell.com/support/kbdoc/en-us/000325679/dsa-2025-226 • CWE-863: Incorrect Authorization •
CVSS: 8.5EPSS: 1%CPEs: 1EXPL: 0CVE-2025-36574
https://notcve.org/view.php?id=CVE-2025-36574
10 Jun 2025 — Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Absolute Path Traversal vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure and Unauthorized access. • https://www.dell.com/support/kbdoc/en-us/000325679/dsa-2025-226 • CWE-36: Absolute Path Traversal •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-36575
https://notcve.org/view.php?id=CVE-2025-36575
10 Jun 2025 — Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Exposure of Sensitive Information Through Data Queries vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000325679/dsa-2025-226 • CWE-202: Exposure of Sensitive Information Through Data Queries •