CVE-2026-1636

Lenovo Service Bridge is affected by a DLL hijacking vulnerability that, under certain conditions, could allow a local authenticated user to execute code with elevated privileges. The issue is documented across multiple sources (CVE-2026-1636) with a vulnerability pattern described as DLL search ...

CVE-2026-5397 Vulnerability Related to an Uncontrolled Search Path Element in a UPS Management Application

It has been identified that a vulnerability CWE-427 exists in the UPS Uninterruptible Power Supply management application, whereby improper permissions on the installation directory allow a malicious actor to place a DLL that is then executed with administrator privileges. If a malicious DLL is...

PT-2026-33057

Name of the Vulnerable Software and Affected Versions Lenovo Service Bridge affected versions not specified Description A DLL hijacking issue exists where a local authenticated user could execute code with elevated privileges under certain conditions. DLL hijacking is a technique where an...

EUVD-2026-20773

MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and shared-library hijacking across six attack surfaces, including bare-name LoadLibraryU and dlopen calls without path qualification for vmmpyc, libMSCompression, and plugin DLLs. An attacker who places a...

CVE-2026-40031

MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and shared-library hijacking across six attack surfaces, including bare-name LoadLibraryU and dlopen calls without path qualification for vmmpyc, libMSCompression, and plugin DLLs. An attacker who places a...

CVE-2026-40031 MemProcFS < 5.17 DLL/Shared Library Hijacking

MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and shared-library hijacking across six attack surfaces, including bare-name LoadLibraryU and dlopen calls without path qualification for vmmpyc, libMSCompression, and plugin DLLs. An attacker who places a...

CVE-2026-40031

MemProcFS 处理在版本 5.17 之前存在多处不安全的库加载模式，导致跨六个攻击面发生 DLL/共享库劫持。攻击者若在工作目录中放置恶意 DLL/共享库，或操控 LD_LIBRARY_PATH，便可在 MemProcFS 加载时实现任意代码执行。根本原因是对加载库的路径未进行严格限定，利用 bare-name LoadLibraryU/dlopen 未带路径的调用进行加载。影响面涉及本地攻击向量、可用性和完整性及机密性均可能被高影响波及。若存在利用，文档未给出具体利用细节。建议升级至 5.17 及以上版本以修复该加载模式问题；如不能立即升级，可结合路径限定、工作目录隔离及库加载 ...

CVE-2026-40031

MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and shared-library hijacking across six attack surfaces, including bare-name LoadLibraryU and dlopen calls without path qualification for vmmpyc, libMSCompression, and plugin DLLs. An attacker who places a...

MemProcFS 代码问题漏洞

MemProcFS is a physical memory virtual file system analysis tool developed by Ulf Frisk. Versions of MemProcFS prior to 5.17 contained code vulnerabilities. These vulnerabilities stemmed from multiple insecure library loading patterns, which could lead to DLL and shared library hijacking, allowin...

EUVD-2026-18420

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image Windows before build 42902...

CVE-2026-27774

CVE-2026-27774 affects Acronis True Image for Windows prior to build 42902. The issue is a DLL hijacking vulnerability that leads to local privilege escalation. Documentation lists the root cause as DLL search/loading issues; attack vector is local with high confidentiality/integrity/availability...

Acronis True Image 代码问题漏洞

Acronis True Image is a renowned data backup and restoration software developed by the Swiss company Acronis. This software can be used to create drive and disk images, and to restore those images when a clean system is required. Previous versions of Acronis True Image, such as version 42902, had...

CVE-2026-22561

Uncontrolled search path elements in Anthropic Claude for Windows installer Claude Setup.exe versions prior to 1.1.3363 allow local privilege escalation via DLL search-order hijacking. The installer loads DLLs e.g., profapi.dll from its own directory after UAC elevation, enabling arbitrary code...

CVE-2026-22561

CVE-2026-22561 concerns Anthropic Claude for Windows installer (Claude Setup.exe). The vulnerability arises from Uncontrolled search path elements, where the installer loads DLLs (e.g., profapi.dll) from its own directory after UAC elevation, enabling local privilege escalation via DLL search-ord...

PT-2026-29282

Uncontrolled search path elements in Anthropic Claude for Windows installer Claude Setup.exe versions prior to 1.1.3363 allow local privilege escalation via DLL search-order hijacking. The installer loads DLLs e.g., profapi.dll from its own directory after UAC elevation, enabling arbitrary code...

CVE-2026-4255

A DLL search order hijacking vulnerability in Thermalright TR-VISION HOME on Windows 64-bit allows a local attacker to escalate privileges via DLL side-loading. The application loads certain dynamic-link library DLL dependencies using the default Windows search order, which includes directories...

EUVD-2026-12363

A DLL search order hijacking vulnerability in Thermalright TR-VISION HOME on Windows 64-bit allows a local attacker to escalate privileges via DLL side-loading. The application loads certain dynamic-link library DLL dependencies using the default Windows search order, which includes directories...

CVE-2026-28711

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 Windows before build 41186...

EUVD-2026-9946

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 Windows before build 41186...

CVE-2025-11792

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent Windows before build 41124...