CVE-2026-9491

creationtimestamp| type| source ---|---|--- 2026-06-04 13:20:18+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mnhpnwevta2j...

📄 Microsoft Windows LNK File UI Misrepresentation Remote Code Execution

A critical vulnerability exists in Microsoft Windows LNK file handling that allows attackers to create malicious shortcut files that appear legitimate in Windows Explorer while executing arbitrary commands. The vulnerability is a UI misrepresentation flaw where Windows incorrectly displays file...

About Remote Code Execution – Windows LNK File (CVE-2025-9491) vulnerability

About Remote Code Execution - Windows LNK File CVE-2025-9491 vulnerability. A vulnerability in the Microsoft Windows shortcut .LNK handling mechanism allows malicious command-line arguments to be hidden in the Target field using whitespace characters, making them invisible to standard tools...

CVE-2025-9491

creationtimestamp| type| source ---|---|--- 2025-09-03 03:00:12+00:00| published-proof-of-concept| Telegram/BYReJHPPSyLhmcKeWSqbALuDJ9yVdorBmcZtQNEL87mls 2025-09-05 21:02:32+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3ly4knsjlmh2w 2025-10-31 12:03:46+00:00| seen|...

CVE-2015-9491

The ThemeMakers Blessing Premium Responsive theme through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information such as userlogin, userpass, and useremail values via a direct request for the wp-content/uploads/tmmdbmigrate/wpusers.dat URI...

CVE-2024-9491

DLL hijacking vulnerabilities, caused by an uncontrolled search path in Configuration Wizard 2 installer can lead to privilege escalation and arbitrary code execution when running the impacted installer...

CVE-2024-9491

CVE-2024-9491 affects the Configuration Wizard 2 installer (Silicon Labs/Silicon Configuration Wizard 2) and is caused by an uncontrolled DLL search path, enabling DLL hijacking. Impact described in sources as local escalation that could lead to privilege escalation and arbitrary code execution w...

CVE-2024-9491 Uncontrolled search path can lead to DLL hijacking in Configuration Wizard 2 installer

DLL hijacking vulnerabilities, caused by an uncontrolled search path in Configuration Wizard 2 installer can lead to privilege escalation and arbitrary code execution when running the impacted installer...

CVE-2020-9491

CVE-2020-9491 affects Apache NiFi ranges 1.2.0–1.11.4, where the UI/API enforce TLS v1.2 but intracluster communications (cluster request replication, Site-to-Site, load-balanced queues) allowed TLS v1.0/v1.1. The provided connected documents reiterate this scope, identifying the vulnerable compo...

TrendMicro Anti-Threat Toolkit Improper Fix

Hi @ll, on September 29, 2019, John Page reported a remote code execution with escalation of privilege in TrendMicro's Anti-Threat Toolkit to its vendor. TrendMicro assigned CVE-2019-9491 to this vulnerability and told the reporter, his dog and the world on October 18, 2019, that they had fixed t...

CVE-2019-9491

The connected Red Hat CVE entries confirm CVE-2019-9491 affects Trend Micro Anti-Threat Toolkit (ATTK) up to version 1.62.0.1218, allowing an attacker to place malicious files in the same directory and potentially achieve arbitrary remote code execution when executed. The Red Hat notes also refer...

Trend Micro Anti-Threat Toolkit 1.62.0.1218 - Remote Code Execution Exploit

Exploit Title: Trend Micro Anti-Threat Toolkit 1.62.0.1218 - Remote Code Execution Date: 2019-10-19 Exploit Author: hyp3rlinx Vendor Homepage: www.trendmicro.com Version: 1.62.0.1218 and below Tested on: Microsoft Windows CVE: N/A + Credits: John Page aka hyp3rlinx + Website:...

Trend Micro Anti-Threat Toolkit 1.62.0.1218 - Remote Code Execution

Trend Micro Anti-Threat Toolkit 1.62.0.1218 - Remote Code Execution Exploit Title: Trend Micro Anti-Threat Toolkit 1.62.0.1218 - Remote Code Execution Date: 2019-10-19 Exploit Author: hyp3rlinx Vendor Homepage: www.trendmicro.com Version: 1.62.0.1218 and below Tested on: Microsoft Windows CVE: N/...

Trend Micro Anti-Threat Toolkit 1.62.0.1218 - Remote Code Execution

Exploit Title: Trend Micro Anti-Threat Toolkit 1.62.0.1218 - Remote Code Execution Date: 2019-10-19 Exploit Author: hyp3rlinx Vendor Homepage: www.trendmicro.com Version: 1.62.0.1218 and below Tested on: Microsoft Windows CVE: N/A + Credits: John Page aka hyp3rlinx + Website:...

CVE-2019-9491

creationtimestamp| type| source ---|---|--- 2019-10-21 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/47527 2024-10-11 21:34:21+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/441...

Trend Micro Anti-Threat Toolkit (ATTK) 1.62.0.1218 Remote Code Execution

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-ANTI-THREAT-TOOLKIT-ATTK-REMOTE-CODE-EXECUTION.txt + ISR: Apparition Security Vendor www.trendmicro.com Product Trend Micro Anti-Threat Toolkit ATTK 1.62.0.1218...

CVE-2015-9491

The CVE-2015-9491 entry concerns ThemeMakers Blessing Premium Responsive theme for WordPress (

CVE-2018-9491

In AMediaCodecCryptoInfonew of NdkMediaCodec.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution in external apps with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions:...

CVE-2018-9491

CVE-2018-9491 affects Android’s media framework: in NdkMediaCodec.cpp, AMediaCodecCryptoInfo_new may trigger an out-of-bounds write caused by an integer overflow. This could allow remote code execution in external apps with no extra privileges, with user interaction required for exploitation. Aff...

CVE-2016-9491

The CVE-2016-9491 entry applies to ManageEngine Applications Manager 12 and 13 prior to build 13690. An authenticated user able to access the /register.do page (likely an administrator) could browse the filesystem and read system files, including Applications Manager configuration and stored priv...