A critical zero-day vulnerability, tracked as CVE-2026-22769, is being actively exploited in Dell Technologies’ RecoverPoint for Virtual Machines. According to Mandiant and Google Threat Intelligence Group (GTIG), the flaw carries a perfect score severity score of 10, and has been weaponized by a Chinese threat cluster, identified as UNC6201. 

Dell RecoverPoint for Virtual Machines is designed to manage backup and disaster recovery for VMware virtual machines. However, exploitation of CVE-2026-22769 enables unauthenticated attackers to gain access to the underlying system and maintain root-level persistence through a hardcoded credential weakness. How CVE-2026-22769 Was Exploited  During mu...