Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2022-28226

🗓️ 15 Jun 2022 19:06:17Reported by yandexType 
cve
 cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 70 Views

Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating temporary files in directory with insecure permissions during Yandex Browser update process

Related
Detection
Affected
Refs
Social
ReporterTitlePublishedViews
Family
ATTACKERKB		CVE-2022-28226
15 Jun 202220:15
attackerkb
BDU FSTEC		The vulnerability of the Yandex Browser, related to errors in processing temporary files, allows attackers to escalate their privileges.
21 Jun 202200:00
bdu_fstec
CNNVD		Yandex Browser 安全漏洞
15 Jun 202200:00
cnnvd
Cvelist		CVE-2022-28226
15 Jun 202219:06
cvelist
EUVD		EUVD-2022-32678
3 Oct 202520:07
euvd
NVD		CVE-2022-28226
15 Jun 202220:15
nvd
OSV		CVE-2022-28226
15 Jun 202220:15
osv
Prion		Privilege escalation
15 Jun 202220:15
prion
Positive Technologies		PT-2022-2932 · Yandex · Yandex Browser
30 Mar 202200:00
ptsecurity
RedhatCVE		CVE-2022-28226
23 May 202501:05
redhatcve
Rows per page
NVD
Node
yandexyandex_browserRange<22.3.3.801
AND
microsoftwindowsMatch-
[
  {
    "product": "Yandex Browser (Desktop)",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "All versions prior to version 22.3.3.801"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
17 Jun 2026 04:38Current
7.7High risk
Vulners AI Score7.7
CVSS 27.2
CVSS 3.17.8
EPSS0.00373
CWE-668
yandex browserwindowsvulnerabilitylocal privilegearbitrary code executiontemporary filesinsecure permissions
70