EUVD-2026-36426

MobaXterm Personal Edition Portable, in its 26.3 version Build 5154, allows arbitrary code execution by loading a malicious DLL located in the same directory as the portable executable. Because the application automatically loads the winspool.drv library from that location during startup, an...

CVE-2026-11967

CVE-2026-11967 affects MobaXterm Personal Edition (Portable) version 26.3 (Build 5154). The root cause is the application loading winspool.drv from the same directory as the portable executable during startup, allowing an attacker with local access to place a crafted DLL alongside the executable ...

CVE-2026-24064

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability. A trusted XPC client component included with the product is signed with hardened runtime entitlements that permit dynamic library injection. A local attacker can set the DYLDINSERTLIBRARIES...

EUVD-2026-35447

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability. A trusted XPC client component included with the product is signed with hardened runtime entitlements that permit dynamic library injection. A local attacker can set the DYLDINSERTLIBRARIES...

CVE-2026-24064

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability. A trusted XPC client component included with the product is signed with hardened runtime entitlements that permit dynamic library injection. A local attacker can set the DYLDINSERTLIBRARIES...

CVE-2026-24064 Local Privilege Escalation via Dynamic Library Injection in Waves Central for macOS

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability. A trusted XPC client component included with the product is signed with hardened runtime entitlements that permit dynamic library injection. A local attacker can set the DYLDINSERTLIBRARIES...

CVE-2026-24064

Waves Central for macOS (versions 13.0.9–16.5.5) contains a local privilege escalation due to a trusted XPC client component signed with hardened runtime entitlements that allows dynamic library injection via DYLD_INSERT_LIBRARIES. An attacker can inject code into the trusted process at launch, w...

CVE-2026-24064 Local Privilege Escalation via Dynamic Library Injection in Waves Central for macOS

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability. A trusted XPC client component included with the product is signed with hardened runtime entitlements that permit dynamic library injection. A local attacker can set the DYLDINSERTLIBRARIES...

CVE-2026-11450 GL.iNet GL-MT3000 Path Normalization dlopen command injection

A vulnerability was detected in GL.iNet GL-MT3000 4.4.5. This affects the function dlopen in the library /usr/lib/oui-httpd/rpc/ of the component Path Normalization Handler. Performing a manipulation of the argument devname results in command injection. It is possible to initiate the attack...

CVE-2026-44406

ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privilege escalation, and memory corruption.contains a DLL hijacking vulnerability; since...

CVE-2026-7279

AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specific directory, resulting in arbitrary code execution with system privileges when the system loads the DLL...

CVE-2026-28704

Emocheck insecurely loads Dynamic Link Libraries DLLs. If a crafted DLL file is placed to the same directory, an arbitrary code may be executed with the privilege of the user invoking EmoCheck...

CVE-2026-44612

Bytello Share Windows Edition installer executable provided by Bytello insecurely loads Dynamic Link Libraries. If there is a crafted DLL at the same directory when invoking the affected installer, arbitrary code may be executed with the privilege of the user invoking the installer...

CVE-2026-8359

When processing a request with a URL path starting with /status or /sysinfo, WOSHttpStatusModule.dll is to be loaded to handle such URL patterns. The WOSBinLoadHttpModule function in the dll would be called to set up a "module" object for that module. However, WOSHttpStatusModule.dll is not prese...

CVE-2025-71316

SQLite 'sqldiff.exe' does not securely handle the way the Microsoft Windows C runtime converts Unicode characters to ANSI codepages. An attacker could use the '-L' option to load an arbitrary DLL with a crafted command line argument string that results in command line file arguments being...

CVE-2025-71316

SQLite 'sqldiff.exe' does not securely handle the way the Microsoft Windows C runtime converts Unicode characters to ANSI codepages. An attacker could use the '-L' option to load an arbitrary DLL with a crafted command line argument string that results in command line file arguments being...

CVE-2025-71316

CVE-2025-71316 affects SQLite sqldiff.exe and is due to insecure handling of Unicode-to-ANSI conversion in the Windows C runtime. An attacker could use the -L option to load an arbitrary DLL by crafting a command line argument string, causing command line file arguments to be misinterpreted as op...

CVE-2026-50033

CVE-2026-50033 affects Acronis DeviceLock DLP for Windows prior to build 9.0.15051.93227, enabling local privilege escalation via DLL hijacking. CVSS v3.0 base score 7.3 (High); attack vector LOCAL, privileges required LOW, user interaction REQUIRED. No exploitation details are provided in the co...

Synology Hyper Backup Explorer 安全漏洞

Synology Hyper Backup Explorer is a backup file viewing tool developed by Synology, a Chinese company, for browsing, retrieving, and restoring backup version data. Versions of Synology Hyper Backup Explorer prior to 3.0.1-0156 contained security vulnerabilities. These vulnerabilities stemmed from...

CVE-2026-36574

A DLL hijacking vulnerability in Wassimulator GitHub CactusViewer v2.3.0 allows attackers to escalate privileges and execute arbitrary code via a crafted DLL...