EUVD-2026-37940

Punto Switcher through 4.5.0.583 contains an unquoted search path element vulnerability that allows local attackers to execute arbitrary code by exploiting the application's call to WinExec without a fully qualified path for RunDll32.exe when invoking shell32.dll ControlRunDLL input.dll. Attacker...

CVE-2026-25865

CVE-2026-25865 affects Punto Switcher 4.5.0.583. The vulnerability is an unquoted search path element invoked via WinExec when calling RunDll32.exe for shell32.dll Control_RunDLL input.dll, enabling local arbitrary code execution if an attacker places a malicious executable earlier in the search ...

EUVD-2026-36986

Contributor Arbitrary File Deletion in Link Library = 7.8.8 versions...

CVE-2026-40779

Contributor Arbitrary File Deletion in Link Library = 7.8.8 versions...

CVE-2026-40779 WordPress Link Library plugin <= 7.8.8 - Arbitrary File Deletion vulnerability

Contributor Arbitrary File Deletion in Link Library = 7.8.8 versions...

CVE-2026-40779

CVE-2026-40779 affects the WordPress WordPress Link Library plugin, version

PT-2026-49421

Contributor Arbitrary File Deletion in Link Library = 7.8.8 versions...

CVE-2026-11967 Arbitrary code execution in MobaXterm Personal Edition (Portable)

MobaXterm Personal Edition Portable, in its 26.3 version Build 5154, allows arbitrary code execution by loading a malicious DLL located in the same directory as the portable executable. Because the application automatically loads the winspool.drv library from that location during startup, an...

CVE-2026-11967 Arbitrary code execution in MobaXterm Personal Edition (Portable)

MobaXterm Personal Edition Portable, in its 26.3 version Build 5154, allows arbitrary code execution by loading a malicious DLL located in the same directory as the portable executable. Because the application automatically loads the winspool.drv library from that location during startup, an...

EUVD-2026-36425

MobaXterm Personal Edition Portable, in its 26.3 version Build 5154, allows arbitrary code execution by loading malicious DLLs from a temporary directory that is predictable and can be modified by the user. During startup, the application searches for specific DLLs in this location before resorti...

PT-2026-48864

MobaXterm Personal Edition Portable, in its 26.3 version Build 5154, allows arbitrary code execution by loading a malicious DLL located in the same directory as the portable executable. Because the application automatically loads the winspool.drv library from that location during startup, an...

CVE-2026-45635

Use after free in Universal Plug and Play upnp.dll allows an unauthorized attacker to execute code over a network...

CVE-2026-45592

Integer overflow or wraparound in Windows Internet wininet.dll allows an authorized attacker to elevate privileges locally...

Windows UPnP Device Host Remote Code Execution Vulnerability

Use after free in Universal Plug and Play upnp.dll allows an unauthorized attacker to execute code over a network...

CVE-2022-49042

An inclusion of functionality from untrusted control sphere vulnerability in MinGW DLL component in Synology Hyper Backup Explorer before 3.0.1-0156 allows local users to execute arbitrary code via unspecified vectors...

CVE-2026-34488

IP Setting Software contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrative privileges...

CVE-2026-50033

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...

CVE-2026-28704

Emocheck insecurely loads Dynamic Link Libraries DLLs. If a crafted DLL file is placed to the same directory, an arbitrary code may be executed with the privilege of the user invoking EmoCheck...

EUVD-2025-210067

SQLite 'sqldiff.exe' does not securely handle the way the Microsoft Windows C runtime converts Unicode characters to ANSI codepages. An attacker could use the '-L' option to load an arbitrary DLL with a crafted command line argument string that results in command line file arguments being...

CVE-2025-71316 SQLite sqldiff remote code execution via argument injection

SQLite 'sqldiff.exe' does not securely handle the way the Microsoft Windows C runtime converts Unicode characters to ANSI codepages. An attacker could use the '-L' option to load an arbitrary DLL with a crafted command line argument string that results in command line file arguments being...