CVE-2026-6645 Insecure Search Path Vulnerability in PaperCut Print Deploy Client for Windows

An insecure process execution vulnerability exists in the pc-printer-updater.exe component of the PaperCut Print Deploy Client for Windows. The application, which typically operates with high-level system privileges, attempts to perform an internal validation check by invoking a secondary system...

CVE-2026-6645

The CVE-2026-6645 vulnerability affects the PaperCut Print Deploy Client for Windows, specifically the pc-printer-updater.exe component. The issue arises when the application performs an internal validation by invoking a secondary system utility without an absolute path, relying on the OS search ...

Amazon Web Services Advanced Go Wrapper 安全漏洞

Amazon Web Services Advanced Go Wrapper is an open-source extension to existing Go language drivers provided by Amazon Web Services. There is a security vulnerability in Amazon Web Services Advanced Go Wrapper, which stems from an insecure search path in the GlobalDatabasePlugin. This vulnerabili...

IP Setting Software may insecurely load Dynamic Link Libraries

Overview IP Setting Software provided by i-PRO Co., Ltd. contains the following vulnerability in the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2026-34488 i-PRO Co., Ltd. reported this vulnerability to IPA to notify...

GreenShot 代码问题漏洞

GreenShot is a lightweight screenshot software tool for Windows developed by GreenShot Inc. Versions of Greenshot 1.3.312 and earlier contained a code vulnerability that stemmed from an insecure search path for executable files. This vulnerability could allow local attackers to execute arbitrary...

ROS-20260209-73-0040

A vulnerability in the Agent component of the Zabbix IT infrastructure monitoring system is related to the use of an insecure search path. Exploitation of the vulnerability could allow an attacker to gain write access to arbitrary system files in the /home/cecuser directory...

ROS-20260209-73-0041

A vulnerability in the Agent component of the Zabbix IT infrastructure monitoring system is related to the use of an insecure search path. Exploitation of the vulnerability could allow an attacker to gain write access to arbitrary system files in the /home/cecuser directory...

ROS-20260209-73-0036

Vulnerability in pgbouncer related to the use of an insecure search path. Exploitation of the vulnerability could allow an attacker to escalate their privileges...

ROS-20260209-73-0039

A vulnerability in the Agent component of the Zabbix IT infrastructure monitoring system is related to the use of an insecure search path. Exploitation of the vulnerability could allow an attacker to gain write access to arbitrary system files in the /home/cecuser directory...

CVE-2026-0776

Discord Client Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Discord Client. An attacker must first obtain the ability to execute low-privileged code on the target system in...

CVE-2026-21427

The installers for multiple products provided by PIONEER CORPORATION contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running installer...

CVE-2025-34396

MailEnable

Installer of RakurakuMusen Start EX for Windows may insecurely load Dynamic Link Libraries

Overview Installer of RakurakuMusen Start EX for Windows provided by NEC Corporation uses an inappropriate DLL search path list, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2025-12852 Impact Arbitrary code may be executed with the...

ROS-20251113-05

A vulnerability in the NVIDIA display driver is related to a synchronization issue. Exploitation of the vulnerability could allow an attacker to execute arbitrary code, escalate privileges, cause a denial of service, and disclose sensitive information A vulnerability in the NVIDIA display driver ...

ROS-20251028-11

A vulnerability in the NVIDIA Container Toolkit container creation and launch software and the NVIDIA GPU Operator resource management software is associated with synchronization errors. NVIDIA GPU Operator resource management software is associated with synchronization errors when using a shared...

Installer of AutoDownloader may insecurely load Dynamic Link Libraries

Overview Installer of AutoDownloader provided by Panasonic Connect Co., Ltd. contains the following vulnerability with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2025-11223 Kazuma Matsumoto of GMO Cybersecurity ...

Elastic Beats filebeat < 9.1.0 Privilege Escalation

The version of Elastic Beats filebeat installed on the remote host is prior to 9.1.0. It is, therefore, affected by a vulnerability. An uncontrolled search path element vulnerability can lead to local privilege Escalation LPE via Insecure Directory Permissions. The vulnerability arises from...

ROS-20250724-07

A vulnerability in the Microsoft .NET software platform and Microsoft's software development tool Visual Studio is related to the use of an insecure search path. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

The vulnerability of the Yandex.Messenger for macOS, related to the use of an insecure search path, allows a hacker to elevate their privileges and gain access to the device’s hardware resources.

The vulnerability of the Yandex.Messenger for macOS relates to the use of an insecure search path. Exploiting this vulnerability can allow a hacker to gain increased privileges and access to the device’s hardware resources...

The vulnerability of the Apache Tomcat software lies in the use of an insecure search path, allowing attackers to execute arbitrary code.

The vulnerability of the Apache Tomcat software is related to the use of an insecure path search mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary code...