EUVD-2026-37877

Local privilege escalation by loading DLLs from a shared temporary directory in ANSSI’s DFIR-ORC, versions 10.2.7 and prior. An attacker with prior access to the system, can place a malicious DLL in C:\Windows\Temp and wait for the application to be executed. Because DFIR-ORC is extracted and...

CVE-2026-11958

ANSSI DFIR-ORC (versions up to 10.2.7) is affected by local privilege escalation via DLLs loaded from a shared temporary directory. An attacker with prior system access can drop a malicious DLL in C:\Windows\Temp and wait for the DFIR-ORC process, which is extracted and executed from that locatio...

CVE-2025-71316

SQLite 'sqldiff.exe' does not securely handle the way the Microsoft Windows C runtime converts Unicode characters to ANSI codepages. An attacker could use the '-L' option to load an arbitrary DLL with a crafted command line argument string that results in command line file arguments being...

PT-2026-46313

Name of the Vulnerable Software and Affected Versions SQLite sqldiff.exe versions prior to 2025-12-26 Description The sqldiff.exe utility does not securely handle the conversion of Unicode characters to ANSI codepages by the Microsoft Windows C runtime. An attacker can exploit this by using the...

PT-2026-40578

Bytello Share Windows Edition installer executable provided by Bytello insecurely loads Dynamic Link Libraries. If there is a crafted DLL at the same directory when invoking the affected installer, arbitrary code may be executed with the privilege of the user invoking the installer...

CVE-2026-34488

IP Setting Software contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrative privileges...

CVE-2026-34488

Technical details beyond the high-level description are not publicly available in the provided documents. Monitor for updates from the listed references for affected products, vulnerable components, and remediation guidance.

EUVD-2026-25138

The installers of LiveOn Meet Client for Windows Downloader5Installer.exe and Downloader5InstallerForAdmin.exe and the installers of Canon Network Camera Plugin CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe insecurely load Dynamic Link Libraries DLLs. If a malicious DLL is placed at the...

CVE-2026-32679

CVE-2026-32679 affects LiveOn Meet Client for Windows and Canon Network Camera Plugin installers (Downloader5Installer.exe, Downloader5InstallerForAdmin.exe, CanonNWCamPlugin.exe, CanonNWCamPluginForAdmin.exe). The installers insecurely load DLLs from the same directory; if a malicious DLL is pre...

Installers of LiveOn Meet Client for Windows and its plugin may insecurely load Dynamic Link Libraries

Overview LiveOn Meet provided by Japan Media Systems Corporation is a web conferencing system. The installer of LiveOn Meet Client for Windows and the installer of Canon Network Camera Plugin insecurely load Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2026-32679 This...

PT-2026-31881

Name of the Vulnerable Software and Affected Versions Emocheck affected versions not specified Description Emocheck insecurely loads Dynamic Link Libraries DLLs. If a crafted DLL file is placed in the same directory, arbitrary code may be executed with the privilege of the user invoking EmoCheck...

CVE-2025-59710

CVE-2025-59710 affects BizTalk360 prior to v11.5. The root cause is improper access control that allows any user to request loading a DLL; during loading, a method is invoked and a malicious DLL uploaded by an attacker can lead to remote code execution on the server. The vulnerability is referenc...

RATOC RAID Monitoring Manager for Windows 代码问题漏洞

RATOC RAID Monitoring Manager for Windows is a software developed by RATOC RAID in Japan, designed for monitoring and managing the RAID hard drive boxes it supports. RATOC RAID Monitoring Manager for Windows has a code vulnerability that stems from the installer loading DLLs from the current...

CVE-2026-26306

The CVE-2026-26306 entry concerns the installer for OM Workspace (Windows Edition) versions 2.4 and earlier, which insecurely loads Dynamic Link Libraries (DLLs) during installation. The root cause is improper DLL loading, enabling an attacker to execute arbitrary code with the privileges of the ...

CVE-2026-24317

SAP GUI for Windows allows DLL files to be loaded from arbitrary directories within the application. An unauthenticated attacker could exploit this vulnerability by persuading a victim to place a malicious DLL within one of these directories. The malicious command is executed in the victim user's...

SAP GUI for Windows 代码问题漏洞

SAP GUI for Windows is an interface graphical software for Windows developed by the German company SAP. SAP GUI for Windows has a code vulnerability that stems from allowing DLL files to be loaded from any directory within the application. This vulnerability may allow malicious commands to be...

CVE-2026-26050

The installer for ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツール versions prior to Ver.1.3.7 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrative privileges...

CVE-2026-26050

CVE-2026-26050 affects the installer for ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツール prior to version 1.3.7 . The issue is in the DLL search path which may cause insecure loading of Dynamic Link Libraries, enabling arbitrary code execution with administrative privileges . CVSS metrics from JPCERT quantify t...

CVE-2026-25655

A vulnerability has been identified in SINEC NMS All versions V4.0 SP2. The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially leading to arbitrary code execution with administrative...

CVE-2026-24694

The installer for Roland Cloud Manager ver.3.1.19 and prior insecurely loads Dynamic Link Libraries DLLs, which could allow an attacker to execute arbitrary code with the privileges of the application...