Search Results (2564 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-24466 3 Murata Machinery, Oki Electric Industry, Ricoh Company 3 Murata Products, Oki Products, Ricoh Products 2026-04-17 N/A
Products provided by Oki Electric Industry Co., Ltd. and its OEM products (Ricoh Co., Ltd., Murata Machinery, Ltd.) register Windows services with unquoted file paths. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege.
CVE-2026-25880 1 Sumatrapdfreader 1 Sumatrapdf 2026-04-17 7.8 High
SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, the PDF reader allows execution of a malicious binary (explorer.exe) located in the same directory as the opened PDF when the user clicks File → “Show in folder”. This behavior leads to arbitrary code execution on the victim’s system with the privileges of the current user, without any warning or user interaction beyond the menu click.
CVE-2026-25655 1 Siemens 2 Sinec-nms, Sinec Nms 2026-04-17 7.8 High
A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP2). The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially leading to arbitrary code execution with administrative privilege.(ZDI-CAN-28107)
CVE-2026-2360 1 Dalibo 1 Postgresql Anonymizer 2026-04-17 8 High
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a custom operator in the public schema and place malicious code in that operator. This operator will later be executed with superuser privileges when the extension is created. The risk is higher with PostgreSQL 14 or with instances upgraded from PostgreSQL 14 or a prior version. With PostgreSQL 15 and later, the creation permission on the public schema is revoked by default and this exploit can only be achieved if a superuser adds a new schema in her/his own search_path and grants the CREATE privilege on that schema to untrusted users, both actions being clearly discouraged by the PostgreSQL documentation. The problem is resolved in PostgreSQL Anonymizer 3.0.1 and further versions
CVE-2026-25676 1 M-audio 1 M-track Duo Hd 2026-04-17 N/A
The installer of M-Track Duo HD version 1.0.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrator privileges.
CVE-2026-2538 1 Flos Freeware 1 Notepad2 2026-04-17 7 High
A security flaw has been discovered in Flos Freeware Notepad2 4.2.22/4.2.23/4.2.24/4.2.25. Affected is an unknown function in the library Msimg32.dll. Performing a manipulation results in uncontrolled search path. Attacking locally is a requirement. The attack's complexity is rated as high. The exploitability is told to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2026-2542 1 Total Vpn 1 Total Vpn 2026-04-17 7 High
A weakness has been identified in Total VPN 0.5.29.0 on Windows. Affected by this vulnerability is an unknown functionality of the file C:\Program Files\Total VPN\win-service.exe. Executing a manipulation can lead to unquoted search path. It is possible to launch the attack on the local host. This attack is characterized by high complexity. The exploitation appears to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2026-25926 1 Notepad-plus-plus 2 Notepad++, Notepad\+\+ 2026-04-17 7.3 High
Notepad++ is a free and open-source source code editor. An Unsafe Search Path vulnerability (CWE-426) exists in versions prior to 8.9.2 when launching Windows Explorer without an absolute executable path. This may allow execution of a malicious explorer.exe if an attacker can control the process working directory. Under certain conditions, this could lead to arbitrary code execution in the context of the running application. Version 8.9.2 patches the issue.
CVE-2026-26050 1 Ricoh 1 Jobblogging Aggregation Tool 2026-04-17 N/A
The installer for ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツール versions prior to Ver.1.3.7 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrative privileges.
CVE-2026-26097 2 Owl, Owlcyberdefense 4 Opds, Opds-100, Opds-1000 and 1 more 2026-04-17 5.5 Medium
Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration File Search Paths via a crafted network request.
CVE-2026-26098 2 Owl, Owlcyberdefense 4 Opds, Opds-100, Opds-1000 and 1 more 2026-04-17 5.5 Medium
Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration File Search Paths via a crafted network request.
CVE-2026-26099 2 Owl, Owlcyberdefense 4 Opds, Opds-100, Opds-1000 and 1 more 2026-04-17 5.5 Medium
Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration File Search Paths via a crafted network request.
CVE-2026-2040 1 Pdf-xchange 1 Pdf-xchange Editor 2026-04-17 N/A
PDF-XChange Editor TrackerUpdate Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of PDF-XChange Editor. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the TrackerUpdate process. The product loads a library from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of a target user. Was ZDI-CAN-27788.
CVE-2026-2998 1 Eai Technologies 1 Erp F2 2026-04-17 7.8 High
ERP developed by eAI Technologies has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a crafted DLL file in the same directory as the program, thereby executing arbitrary code.
CVE-2026-40031 1 Ufrisk 1 Memprocfs 2026-04-17 7.8 High
MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and shared-library hijacking across six attack surfaces, including bare-name LoadLibraryU and dlopen calls without path qualification for vmmpyc, libMSCompression, and plugin DLLs. An attacker who places a malicious DLL or shared library in the working directory or manipulates LD_LIBRARY_PATH can achieve arbitrary code execution when MemProcFS loads.
CVE-2024-58343 1 Vision 1 Helpdesk 2026-04-17 4.3 Medium
Vision Helpdesk before 5.7.0 (patched in 5.6.10) allows attackers to read user profiles via modified serialized cookie data to vis_client_id.
CVE-2026-40947 1 Yubico 3 Libfido2, Python-fido2, Yubikey-manager 2026-04-17 2.9 Low
Yubico libfido2 before 1.17.0, python-fido2 before 2.2.0, and yubikey-manager before 5.9.1 have an unintended DLL search path.
CVE-2026-5397 1 Omron 1 Powerattendant Standard Edition 2026-04-17 7.8 High
It has been identified that a vulnerability (CWE-427) exists in the UPS (Uninterruptible Power Supply) management application, whereby improper permissions on the installation directory allow a malicious actor to place a DLL that is then executed with administrator privileges. If a malicious DLL is placed in the installation directory of this product, there is a possibility that the malicious DLL may be executed by exploiting the product’s behavior of loading missing DLLs from the same directory as the executable during service startup.
CVE-2026-4913 1 Ivanti 1 Neurons For Itsm 2026-04-17 5.7 Medium
Improper protection of an alternate path in Ivanti N-ITSM before version 2025.4 allows a remote authenticated attacker to retain access when their account has been disabled.
CVE-2026-1636 1 Lenovo 1 Service Bridge 2026-04-17 6.7 Medium
A potential DLL hijacking vulnerability was reported in Lenovo Service Bridge that, under certain conditions, could allow a local authenticated user to execute code with elevated privileges.