PT-2026-25837

Name of the Vulnerable Software and Affected Versions KeePassXC affected versions not specified Description KeePassXC installations are susceptible to local privilege escalation. An attacker who can execute low-privileged code may be able to gain elevated access. This issue is related to the...

CVE-2026-2713 IBM Trusteer Rapport installer affected by uncontrolled search path element vulnerability

IBM Trusteer Rapport installer 3.5.2309.290 IBM Trusteer Rapport could allow a local attacker to execute arbitrary code on the system, caused by DLL uncontrolled search path element vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this...

CVE-2026-22270

Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an uncontrolled search path element vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to denial of service, elevation of privileges, a...

CVE-2026-22270

Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an uncontrolled search path element vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to denial of service, elevation of privileges, a...

CVE-2026-22270

Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an uncontrolled search path element vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to denial of service, elevation of privileges, a...

CVE-2026-22270

Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an uncontrolled search path element vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to denial of service, elevation of privileges, a...

EUVD-2026-9320

Dell Command | Intel vPro Out of Band, versions prior to 4.7.0, contain an Uncontrolled Search Path Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

CVE-2026-24502

Dell Command | Intel vPro Out of Band, versions prior to 4.7.0, contain an Uncontrolled Search Path Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

CVE-2026-24502

Dell Command | Intel vPro Out of Band, versions prior to 4.7.0, contain an Uncontrolled Search Path Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

Multiple vulnerabilities in the installer of FinalCode Client

Overview The installer of FinalCode Client provided by Digital Arts Inc. contains multiple vulnerabilities listed below. Incorrect default permissions CWE-276 - CVE-2026-23703 Uncontrolled search path element CWE-427 - CVE-2026-25191 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported...

CVE-2026-21420

Dell Repository Manager DRM, versions prior to 3.4.8, contains an Uncontrolled Search Path Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution and escalation of privileges...

CVE-2026-3091

An uncontrolled search path element vulnerability in Synology Presto Client before 2.1.3-0672 allows local users to read or write arbitrary files and conduct denial-of-service during installation by placing a malicious DLL in advance in the same directory as the installer...

CVE-2026-21420

Dell Repository Manager (DRM) v3.4.7 and earlier is affected by an Uncontrolled Search Path Element, enabling a local, low-privilege attacker to potentially execute arbitrary code and escalate privileges. Root cause is improper handling of search paths in DRM prior to 3.4.8. Impact includes high ...

TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

...

CVE-2026-2040

Summary: CVE-2026-2040 affects PDF-XChange Editor (TrackerUpdate component). The flaw is an Uncontrolled Search Path Element in TrackerUpdate where the process loads a library from an unsecured location, enabling a local attacker who can run low-privileged code to escalate privileges and execute ...

CVE-2026-26098

Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration File Search Paths via a crafted network request...

CVE-2026-0776

CVE-2026-0776 concerns the Discord Client and its discord_rpc module , where an uncontrolled search path element allows a local attacker to escalate privileges. The flaw occurs when the client loads a file from an unsecured location, enabling the attacker to run code with the privileges of the ta...

CVE-2025-33231

NVIDIA Nsight Systems for Windows contains a vulnerability in the application’s DLL loading mechanism where an attacker could cause an uncontrolled search path element by exploiting insecure DLL search paths. A successful exploit of this vulnerability might lead to code execution, escalation of...

UBUNTU-CVE-2025-33231

NVIDIA Nsight Systems for Windows contains a vulnerability in the application’s DLL loading mechanism where an attacker could cause an uncontrolled search path element by exploiting insecure DLL search paths. A successful exploit of this vulnerability might lead to code execution, escalation of...

CVE-2023-29012

Git for Windows is the Windows port of Git. Prior to version 2.40.1, any user of Git CMD who starts the command in an untrusted directory is impacted by an Uncontrolles Search Path Element vulnerability. Maliciously-placed doskey.exe would be executed silently upon running Git CMD. The problem ha...