CVE-2026-50033

CVE-2026-50033 affects Acronis DeviceLock DLP for Windows prior to build 9.0.15051.93227, enabling local privilege escalation via DLL hijacking. CVSS v3.0 base score 7.3 (High); attack vector LOCAL, privileges required LOW, user interaction REQUIRED. No exploitation details are provided in the co...

CVE-2026-36574

A DLL hijacking vulnerability in Wassimulator GitHub CactusViewer v2.3.0 allows attackers to escalate privileges and execute arbitrary code via a crafted DLL...

EUVD-2026-34098

A DLL hijacking vulnerability in Wassimulator GitHub CactusViewer v2.3.0 allows attackers to escalate privileges and execute arbitrary code via a crafted DLL...

PT-2026-46065

Name of the Vulnerable Software and Affected Versions Acronis DeviceLock DLP Windows versions prior to 9.0.15051.93227 Description Local privilege escalation is possible due to a DLL hijacking issue. DLL hijacking occurs when an application loads a malicious dynamic-link library DLL instead of th...

CVE-2026-36574

A DLL hijacking vulnerability in Wassimulator GitHub CactusViewer v2.3.0 allows attackers to escalate privileges and execute arbitrary code via a crafted DLL...

CVE-2024-36333

A DLL hijacking vulnerability in the AMD Cleanup Utility could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution...

EUVD-2026-28329

ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privilege escalation, and memory corruption.contains a DLL hijacking vulnerability; since...

CVE-2026-25852

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.93212...

Acronis DeviceLock DLP 代码问题漏洞

Acronis DeviceLock DLP is a terminal security protection system developed by the Swiss company Acronis. It is designed to control access to peripherals and prevent data breaches. Versions of Acronis DeviceLock DLP prior to version 9.0.93212 contained code vulnerabilities related to DLL hijacking,...

EUVD-2025-209559

EfficientLab Controlio before v1.3.95 contains a DLL hijacking vulnerability caused by weak folder permissions in the installation directory. A local attacker can place a specially crafted DLL in this directory and achieve arbitrary code execution with highest privileges, because the affected...

CVE-2026-1636

Lenovo Service Bridge is affected by a DLL hijacking vulnerability that, under certain conditions, could allow a local authenticated user to execute code with elevated privileges. The issue is documented across multiple sources (CVE-2026-1636) with a vulnerability pattern described as DLL search ...

CVE-2026-5397 Vulnerability Related to an Uncontrolled Search Path Element in a UPS Management Application

It has been identified that a vulnerability CWE-427 exists in the UPS Uninterruptible Power Supply management application, whereby improper permissions on the installation directory allow a malicious actor to place a DLL that is then executed with administrator privileges. If a malicious DLL is...

CVE-2026-40031

MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and shared-library hijacking across six attack surfaces, including bare-name LoadLibraryU and dlopen calls without path qualification for vmmpyc, libMSCompression, and plugin DLLs. An attacker who places a...

CVE-2026-40031

MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and shared-library hijacking across six attack surfaces, including bare-name LoadLibraryU and dlopen calls without path qualification for vmmpyc, libMSCompression, and plugin DLLs. An attacker who places a...

CVE-2026-22561

CVE-2026-22561 concerns Anthropic Claude for Windows installer (Claude Setup.exe). The vulnerability arises from Uncontrolled search path elements, where the installer loads DLLs (e.g., profapi.dll) from its own directory after UAC elevation, enabling local privilege escalation via DLL search-ord...

PT-2026-29282

Uncontrolled search path elements in Anthropic Claude for Windows installer Claude Setup.exe versions prior to 1.1.3363 allow local privilege escalation via DLL search-order hijacking. The installer loads DLLs e.g., profapi.dll from its own directory after UAC elevation, enabling arbitrary code...

EUVD-2026-12363

A DLL search order hijacking vulnerability in Thermalright TR-VISION HOME on Windows 64-bit allows a local attacker to escalate privileges via DLL side-loading. The application loads certain dynamic-link library DLL dependencies using the default Windows search order, which includes directories...

CVE-2026-28711

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 Windows before build 41186...

EUVD-2026-9946

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 Windows before build 41186...

CVE-2025-11792

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent Windows before build 41124...