CVE-2026-12217

A security vulnerability has been detected in DVDFab Virtual Drive 2.0.0.5. Impacted is an unknown function in the library dvdfabio.sys of the component Signed Kernel Driver. The manipulation leads to improper privilege management. An attack has to be approached locally. The exploit has been...

CVE-2026-12217

DVDFab Virtual Drive 2.0.0.5 is affected by a local privilege escalation in the Signed Kernel Driver (dvdfabio.sys). The vulnerability concerns an unknown function within the driver library that leads to improper privilege management. Attacks require local access; the exploit has been publicly di...

CVE-2026-12217 DVDFab Virtual Drive Signed Kernel Driver dvdfabio.sys privileges management

A security vulnerability has been detected in DVDFab Virtual Drive 2.0.0.5. Impacted is an unknown function in the library dvdfabio.sys of the component Signed Kernel Driver. The manipulation leads to improper privilege management. An attack has to be approached locally. The exploit has been...

EUVD-2026-36690

A security vulnerability has been detected in DVDFab Virtual Drive 2.0.0.5. Impacted is an unknown function in the library dvdfabio.sys of the component Signed Kernel Driver. The manipulation leads to improper privilege management. An attack has to be approached locally. The exploit has been...

CVE-2026-12217 DVDFab Virtual Drive Signed Kernel Driver dvdfabio.sys privileges management

A security vulnerability has been detected in DVDFab Virtual Drive 2.0.0.5. Impacted is an unknown function in the library dvdfabio.sys of the component Signed Kernel Driver. The manipulation leads to improper privilege management. An attack has to be approached locally. The exploit has been...

kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions

A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...

CVE-2026-39118

An issue in Iru, Inc Kandji Agent before v.4.7.55374 allows a local attacker to escalate privileges via a client validation gap to invoke restricted agent functionality...

CVE-2026-50891

Incorrect access control in the /admin/api/config component of Filestash v0.4.0 allows attackers to escalate privileges via sending a crafted request...

PT-2026-49516

Customer Privilege Escalation in Dokan = 5.0.2 versions...

PT-2026-49194

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains an incorrect authorization vulnerability in the WebSocket communication used by the SafeController WebMessageBroker. An authenticated attacker with valid low-privileged branch user credentials can manipulate WebSocket...

PT-2026-49322

Name of the Vulnerable Software and Affected Versions impworks Bonsai version 6.0 Description Incorrect access control allows authenticated attackers with Editor privileges to escalate their privileges to Administrator. This can lead to unauthorized changes to accounts, passwords, and system...

PT-2026-49178

Name of the Vulnerable Software and Affected Versions DVDFab Virtual Drive version 2.0.0.5 Description Improper privilege management exists within the Signed Kernel Driver component, specifically affecting a function in the dvdfabio.sys library. This issue allows a local attacker to manipulate th...

PT-2026-49259

Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager affected versions not specified Description A directory or path traversal issue exists in the web UI of Cisco Catalyst SD-WAN Manager formerly SD-WAN vManage. The flaw occurs because the software does not properly...

PT-2026-49332

Name of the Vulnerable Software and Affected Versions Filestash version 0.4.0 Description Incorrect access control in the '/admin/api/config' endpoint allows attackers to escalate privileges by sending a crafted request. Recommendations At the moment, there is no information about a newer version...

PT-2026-49530

Name of the Vulnerable Software and Affected Versions HP One Agent affected versions not specified Description Security issues in the HP One Agent for certain HP PC products could allow an attacker to perform escalation of privilege, which is the act of gaining higher-level permissions than...

PT-2026-49208

WordPress Booking Calendar Contact Form 1.0.23 contains privilege escalation and stored cross-site scripting vulnerabilities that allow authenticated users to modify plugin options and inject malicious scripts by failing to verify user privileges and sanitize input parameters. Attackers with...

CVE-2026-39118

Kandji Agent from Iru, Inc. (pre-4.7.5(5374)) contains a local privilege-escalation flaw driven by a client-validation gap that allows a local attacker to invoke restricted agent functionality. The CVSS metrics indicate HIGH impact across confidentiality, integrity, and availability with LOCAL at...

CVE-2026-36213

An issue in Microvirt MEmu Android Emulator 9.2.7.0 allows a local attacker to escalate privileges via the MemuService.exe component...

PT-2026-49367

Unauthenticated Privilege Escalation in iControlWP = 5.5.3 versions...

PT-2026-49361

Editor Privilege Escalation in AI Engine = 3.4.9 versions...