CVE-2026-44406

ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privilege escalation, and memory corruption.contains a DLL hijacking vulnerability; since...

CVE-2026-5397

It has been identified that a vulnerability CWE-427 exists in the UPS Uninterruptible Power Supply management application, whereby improper permissions on the installation directory allow a malicious actor to place a DLL that is then executed with administrator privileges. If a malicious DLL is...

CVE-2026-27774

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image Windows before build 42902...

PT-2026-1297

Name of the Vulnerable Software and Affected Versions Samsung Magician versions 6.3.0 through 8.3.2 Description The software installer creates a temporary folder with insufficient permissions during the installation process on Windows. This allows a non-administrative user to potentially perform...

CVE-2023-53937

Hubstaff 1.6.14 is affected by a DLL search order hijacking vulnerability that enables replacing the missing system32 wow64log.dll with a malicious library. An attacker could generate a custom DLL (e.g., via Metasploit) and place it in the system32 directory to obtain a reverse shell when the app...

CVE-2025-34417

CVE-2025-34417 affects MailEnable versions prior to 10.54. The issue is an unsafe DLL loading vulnerability where the MailEnable administrative executable loads MEAISO.DLL from its installation directory without sufficient integrity validation or a secure search order. A local attacker with write...

PT-2025-50328

A DLL hijacking vulnerability was reported in the Lenovo App Store and Lenovo Browser applications that could allow a local authenticated user to execute code with elevated privileges under certain conditions...

CVE-2025-66265

CMService.exe creates the C:\usr directory and subdirectories with insecure permissions, granting write access to all authenticated users. This allows attackers to replace configuration files such as snmp.conf or hijack DLLs to escalate privileges...

CVE-2024-21922

A DLL hijacking vulnerability in AMD StoreMI™ could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...

EUVD-2025-198124

When the service of ABP and AES is installed in a directory writable by non-administrative users, an attacker can replace or plant a DLL with the same name as one loaded by the service. Upon service restart, the malicious DLL is loaded and executed under the LocalSystem account, resulting in...

PT-2025-40250

Name of the Vulnerable Software and Affected Versions DigiSign DigiSigner ONE version 1.0.4.60 Description The software allows for DLL hijacking. This means a malicious actor could potentially replace legitimate DLL files with crafted ones, leading to code execution. Recommendations At the moment...

PT-2025-39996

Name of the Vulnerable Software and Affected Versions Acronis True Image Windows versions prior to build 42386 Description A local privilege escalation issue exists due to a DLL hijacking weakness. This allows an attacker to potentially gain elevated privileges on a system. Recommendations Update...

CVE-2025-10215

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a FREngine.dll file of their choice in the 'C:\Users\Public\AppData\Local\UPDF\FREngine\Bin64' directory, which could lead to...

CVE-2025-10215

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a FREngine.dll file of their choice in the 'C:\Users\Public\AppData\Local\UPDF\FREngine\Bin64' directory, which could lead to...

CVE-2025-10213

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a dxtn.dll file of their choice in the 'C:\Users\AppData\Local\Microsoft\WindowsApps' directory, which could lead to arbitrary...

CVE-2025-10215

CVE-2025-10215 affects UPDF.exe for Windows 1.8.5.0. The issue is DLL search path hijacking: an attacker with local access can place a malicious FREngine.dll in C:\Users\Public\AppData\Local\UPDF\FREngine\Bin64\ and trigger arbitrary code execution (and persistence). Several connected sources con...

CVE-2025-10214 DLL search path hijacking vulnerability

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a FREngine.dll file of their choice in the 'C:\Users\AppData\Local\UPDF\FREngine\Bin64' directory, which could lead to arbitrary...

CVE-2025-10213

CVE-2025-10213 is a DLL search path hijacking vulnerability affecting UPDF.exe on Windows (version 1.8.5.0). An attacker with local access can cause arbitrary code execution and persistence by placing a crafted dxtn.dll in the path C:\Users\AppData\Local\Microsoft\WindowsApps, exploiting the Wind...

CVE-2025-40979 DLL search order hijack in Wave by Grandstream Networks

DLL search order hijacking vulnerability in the wave.exe executable for Windows 11, version 1.27.8. Exploitation of this vulnerability could allow attackers with local access to execute arbitrary code by placing an arbitrary file in the 'C:\Users\AppData\Local\Temp' directory, which could lead to...

PT-2025-37035

Name of the Vulnerable Software and Affected Versions: UPDF versions 1.8.5.0 Description: A DLL search path hijacking issue exists in the UPDF.exe executable for Windows. Attackers with local access can execute arbitrary code by placing a malicious FREngine.dll file in the...