PT-2026-40578

Bytello Share Windows Edition installer executable provided by Bytello insecurely loads Dynamic Link Libraries. If there is a crafted DLL at the same directory when invoking the affected installer, arbitrary code may be executed with the privilege of the user invoking the installer...

CVE-2026-34488

Technical details beyond the high-level description are not publicly available in the provided documents. Monitor for updates from the listed references for affected products, vulnerable components, and remediation guidance.

PT-2026-31881

Name of the Vulnerable Software and Affected Versions Emocheck affected versions not specified Description Emocheck insecurely loads Dynamic Link Libraries DLLs. If a crafted DLL file is placed in the same directory, arbitrary code may be executed with the privilege of the user invoking EmoCheck...

CVE-2026-26050

The installer for ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツール versions prior to Ver.1.3.7 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrative privileges...

CVE-2025-33231

NVIDIA Nsight Systems for Windows contains a vulnerability in the application’s DLL loading mechanism where an attacker could cause an uncontrolled search path element by exploiting insecure DLL search paths. A successful exploit of this vulnerability might lead to code execution, escalation of...

CVE-2025-33231

CVE-2025-33231 relates to NVIDIA Nsight Systems for Windows, where insecure DLL search paths in the application’s DLL loading mechanism allow an uncontrolled search path element. This could enable local attacker code execution, privilege escalation, data tampering, DoS, or information disclosure....

CVE-2022-26511

WPS Presentation 11.8.0.5745 insecurely load d3dx941.dll when opening .pps files'current directory type' DLL loading...

MailEnable Insecure DLL Loading Vulnerability (CNVD-2026-14401)

MailEnable is a Windows-based business e-mail server from MailEnable Australia. MailEnable suffers from an insecure DLL loading vulnerability that can be exploited by an attacker to cause local arbitrary code execution...

MailEnableMailEnableMailEnable Insecure DLL Loading Vulnerability (CNVD-2026-14405)

MailEnable is a Windows-based business e-mail server from MailEnable Australia. MailEnable suffers from a MailEnable Insecure DLL Load vulnerability that can be exploited by an attacker to cause local arbitrary code execution...

EUVD-2022-28479

Malicious code in bioql PyPI...

CVE-2025-34109 Panda Security PSEvents.exe Insecure DLL Loading Privilege Escalation

PSEvents.exe in multiple Panda Security products runs hourly with SYSTEM privileges and loads DLL files from a user-writable directory without proper validation. An attacker with low-privileged access who can write DLL files to the monitored directory can achieve arbitrary code execution with...

CVE-2024-28589

An issue was discovered in Axigen Mail Server for Windows versions 10.5.18 and before, allows local low-privileged attackers to execute arbitrary code and escalate privileges via insecure DLL loading from a world-writable directory during service initialization...

CVE-2022-23401

The following Yokogawa Electric products contain insecure DLL loading issues. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00...

CVE-2022-25969

The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL or some other DLLs, allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer...

CVE-2024-12530 Insecure Dynamic-Link Library (DLL) Load vulnerability

Uncontrolled Search Path Element vulnerability in OpenText Secure Content Manager on Windows allows DLL Side-Loading.This issue affects Secure Content Manager: 23.4. End-users can potentially exploit the vulnerability to execute malicious code in the trusted context of the thick-client applicatio...

KEYENCE VT STUDIO may insecurely load Dynamic Link Libraries

Overview VT STUDIO provided by KEYENCE CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427, CVE-2024-28099. KEYENCE CORPORATION reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. Impact...

SUSE CVE-2020-8315

In Python CPython 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker's copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the system's copy. Windows 8 and later are unaffected...

Palo Alto Networks Cortex XDR Agent 代码问题漏洞

Palo Alto Networks Cortex XDR Agent is an endpoint security software from Palo Alto Networks. A code issue vulnerability exists in Palo Alto Networks Cortex XDR Agent that originates from an application loading DLL libraries in an insecure manner. An attacker could use this vulnerability to place...

KINGSOFT Installer of WPS Office 代码问题漏洞

KINGSOFT Installer of WPS Office is an installer and setup program for WPS Office from the Chinese company KINGSOFT. A code issue vulnerability exists in KINGSOFT Installer of WPS Office versions 10.8.0.5745 through 10.8.0.6186, which stems from the application loading DLL libraries in an insecur...

KINGSOFT Installer of WPS Office 代码问题漏洞

KINGSOFT Installer of WPS Office is an installer and setup program for WPS Office from the Chinese company KINGSOFT. A code issue vulnerability exists in KINGSOFT Installer of WPS Office versions 10.8.0.5745 through 10.8.0.6186, which stems from the application loading DLL libraries in an insecur...