Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024
Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024
18 February 2026
A maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zero-day by a suspected China-nexus threat cluster dubbed UNC6201 since mid-2024, according to a new report from Google Mandiant and Google Threat Intelligence Group (GTIG).
The activity involves the exploitation of CVE-2026-22769 (CVSS score: 10.0), a case of hard-coded credentials