CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/03/24 9:31 p.m.•4 views

EUVD-2026-14949

5.9AI score0.00171EPSS

NVD•added 2026/03/24 7:16 p.m.•2 views

CVE-2026-1995

7.8CVSS0.00171EPSS

ATTACKERKB•added 2026/03/24 6:0 p.m.•8 views

CVE-2026-1995

5.9AI score0.00171EPSS

Vulnrichment•added 2026/03/24 6:0 p.m.•2 views

CVE-2026-1995 IDrive Cloud Backup Client for Windows contains a privilege escalation vulnerability

5.9AI score0.00171EPSS

Cvelist•added 2026/03/24 6:0 p.m.•22 views

CVE-2026-1995 IDrive Cloud Backup Client for Windows contains a privilege escalation vulnerability

0.00171EPSS

CVE•added 2026/03/24 6:0 p.m.•18 views

CVE-2026-1995

CVE-2026-1995 – IDrive for Windows privilege escalation : The id_service.exe process runs with SYSTEM privileges and reads UTF-16LE files under C:\ProgramData\IDrive. Any standard user can edit these files, enabling an attacker to overwrite or point the file contents to an arbitrary executable. T...

7.8CVSS5.9AI score0.00171EPSS

CNNVD•added 2026/03/24 12:0 a.m.•6 views

IDrive 安全漏洞

IDrive is a cloud backup and cloud storage service solution provided by the American company IDrive. There is a security vulnerability in IDrive, which stems from the idservice.exe process using privileged access to read files. This vulnerability could allow attackers to specify any executable pa...

7.8CVSS7.5AI score0.00171EPSS

Positive Technologies•added 2026/03/24 12:0 a.m.•6 views

PT-2026-27472

Name of the Vulnerable Software and Affected Versions IDrive versions affected versions not specified Description The id service.exe process operates with elevated privileges and routinely reads files located in the C:ProgramDataIDrive directory. These files, encoded in UTF16-LE, are used as...

7.8CVSS5.9AI score0.00171EPSS

Exploits0References13

CERT•added 2026/03/24 12:0 a.m.•8 views

IDrive for Windows contains local privilege escalation vulnerability

Overview The IDrive Cloud Backup Client for Windows, versions 7.0.0.63 and earlier, contains a privilege escalation vulnerability that allows any authenticated user to run arbitrary executables with NT AUTHORITY\SYSTEM permissions. Description IDrive is a cloud backup service that allows users to...

7.8CVSS6.3AI score0.00171EPSS

5.5CVSS5.6AI score0.00276EPSS

EUVD-2021-21339

Malware in sbrugna...

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-21342

Malware in sbrugna...

7.8CVSS7.6AI score0.00288EPSS

7.8CVSS7.7AI score0.00293EPSS

EUVD-2020-7348

Malware in sbrugna...

9.8CVSS9.2AI score0.01244EPSS

EUVD-2021-21340

Malware in sbrugna...

6.4CVSS6.4AI score0.01229EPSS

EUVD-2011-5189

Malware in sbrugna...

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-21338

Malware in sbrugna...

3.3CVSS4.5AI score0.00162EPSS

Positive Technologies•added 2025/09/02 12:0 a.m.•5 views

PT-2025-92: Local Privilege Escalation in IDrive

The vulnerability was identified in IDrive, version 4.0.0.38. The discovered vulnerability allows an attacker to escalate privileges from a normal user to root. Vulnerability status: Confirmed by vendor Date of vulnerability remediation: 02.09.2025 Recommendations: Update to version MacVersion...

7CVSS5.8AI score

BDU FSTEC•added 2025/07/22 12:0 a.m.•18 views

The vulnerability of IDrive’s backup software lies in its lack of access control mechanisms, which allows attackers to escalate their privileges.

The vulnerability of IDrive backup software is related to deficiencies in access control. Exploiting this vulnerability could allow attackers to enhance their privileges...

7.3CVSS5.5AI score

Exploits0References2Affected Software1

RedhatCVE•added 2025/05/22 9:34 p.m.•15 views

CVE-2021-34690

iDrive RemotePC before 7.6.48 on Windows allows authentication bypass. A remote and unauthenticated attacker can bypass cloud authentication to connect and control a system via TCP port 5970 and 5980...

9.8CVSS7.5AI score0.01244EPSS

RedhatCVE•added 2025/05/22 9:33 p.m.•5 views

CVE-2021-34688

iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read an encrypted version of the system's Personal Key in world-readable %PROGRAMDATA% log files. The encryption is done using a hard-coded static key and is therefore reversible by an...

3.3CVSS6.3AI score0.00162EPSS