CVE-2026-24070

During the installation of the Native Access application, a privileged helper com.native-instruments.NativeAccess.Helper2, which is used by Native Access to trigger functions via XPC communication like copy-file, remove or set-permissions, is deployed as well. The communication with the XPC servi...

CVE-2026-24070 Local Privilege Escalation via DYLIB Injection in Native Instruments Native Access

During the installation of the Native Access application, a privileged helper com.native-instruments.NativeAccess.Helper2, which is used by Native Access to trigger functions via XPC communication like copy-file, remove or set-permissions, is deployed as well. The communication with the XPC servi...

CVE-2026-24070

CVE-2026-24070 describes a local privilege escalation in Native Instruments Native Access. The installer deploys a privileged helper (com.native-instruments.NativeAccess.Helper2) used via XPC to perform actions like copy-file, remove, or set-permissions. The XPC service restricts access to client...

Native Instruments Native Access 安全漏洞

Native Instruments Native Access is a one-stop device management center provided by the German company Native Instruments. There is a security vulnerability in Native Instruments Native Access, which stems from the application having permission to allow DYLIB injection, potentially leading to...

CVE-2025-13176

Planting a custom configuration file in ESET Inspect Connector allow load a malicious DLL...

CVE-2025-13176

Planting a custom configuration file in ESET Inspect Connector allow load a malicious DLL...

CVE-2025-13176 Local privilege escalation in ESET Inspect Connector for Windows

Planting a custom configuration file in ESET Inspect Connector allow load a malicious DLL...

EUVD-2025-206582

Planting a custom configuration file in ESET Inspect Connector allow load a malicious DLL...

EUVD-2025-206380

DLL hijacking in the WD Discovery Installer in Western Digital WD Discovery 5.2.730 on Windows allows a local attacker to execute arbitrary code via placement of a crafted dll in the installer's search path...

CVE-2025-71178

Crucial Storage Executive installer versions prior to 11.08.082025.00 contain a DLL preloading vulnerability. During installation, the installer runs with elevated privileges and loads Windows DLLs using an uncontrolled search path, which can cause a malicious DLL placed alongside the installer t...

PT-2026-4833

Name of the Vulnerable Software and Affected Versions Western Digital WD Discovery version 5.2.730 Description A flaw exists in the WD Discovery Installer that allows a local attacker to execute arbitrary code. This is possible through DLL hijacking by placing a crafted DLL in the installer’s...

CVE-2026-23755

D-Link D-View 8 versions 2.0.1.107 and below contain an uncontrolled search path vulnerability in the installer. When executed with elevated privileges via UAC, the installer attempts to load version.dll from its execution directory, allowing DLL preloading. An attacker can supply a malicious...

Notepad++ Plugin Persistence

This Metasploit module create persistence by adding a malicious plugin to Notepad++, as it blindly loads and executes DLL from its plugin directory on startup, meaning that the payload will be executed every time Notepad++ is launched...

Hiding in Plain Sight: Multi-Actor ahost.exe Attacks

Hiding in Plain Sight: Deconstructing the Multi-Actor DLL Sideloading Campaign abusing ahost.exe By Mallikarjun Wali and Mohideen Abdul Khader · January 14, 2026 Executive summary The Trellix Advanced Research Center has uncovered an active malware campaign that exploits a DLL sideloading...

CVE-2020-36911

Covenant 0.1.3 - 0.5 contains a remote code execution vulnerability that allows attackers to craft malicious JWT tokens with administrative privileges. Attackers can generate forged tokens with admin roles and upload custom DLL payloads to execute arbitrary commands on the target system...

Axtion ODISSAAS ODIS 安全漏洞

Axtion ODISSAAS ODIS is a vehicle diagnostic software from the Dutch company Axtion. A security vulnerability exists in Axtion ODISSAAS ODIS version 1.8.4, which originates in a specially crafted DLL file and could lead to the execution of arbitrary code...

EUVD-2026-1590

The installers for multiple products provided by PIONEER CORPORATION contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running installer...

PT-2026-2059

Name of the Vulnerable Software and Affected Versions PIONEER CORPORATION installers affected versions not specified Description The installers for multiple products provided by PIONEER CORPORATION have a flaw in how they handle Dynamic Link Library DLL search paths. This can result in the loadin...

CVE-2019-25268 NREL BEopt 2.8.0 Insecure Library Loading Arbitrary Code Execution

NREL BEopt 2.8.0.0 contains a DLL hijacking vulnerability that allows attackers to load arbitrary libraries by tricking users into opening application files from remote shares. Attackers can exploit insecure library loading of sdl2.dll and libegl.dll by placing malicious libraries on WebDAV or SM...

CVE-2019-25268 NREL BEopt 2.8.0 Insecure Library Loading Arbitrary Code Execution

NREL BEopt 2.8.0.0 contains a DLL hijacking vulnerability that allows attackers to load arbitrary libraries by tricking users into opening application files from remote shares. Attackers can exploit insecure library loading of sdl2.dll and libegl.dll by placing malicious libraries on WebDAV or SM...