PT-2026-40578

Bytello Share Windows Edition installer executable provided by Bytello insecurely loads Dynamic Link Libraries. If there is a crafted DLL at the same directory when invoking the affected installer, arbitrary code may be executed with the privilege of the user invoking the installer...

CVE-2026-34488

Technical details beyond the high-level description are not publicly available in the provided documents. Monitor for updates from the listed references for affected products, vulnerable components, and remediation guidance.

PT-2026-31881

Name of the Vulnerable Software and Affected Versions Emocheck affected versions not specified Description Emocheck insecurely loads Dynamic Link Libraries DLLs. If a crafted DLL file is placed in the same directory, arbitrary code may be executed with the privilege of the user invoking EmoCheck...

CVE-2026-26050

The installer for ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツール versions prior to Ver.1.3.7 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrative privileges...

CVE-2022-26511

WPS Presentation 11.8.0.5745 insecurely load d3dx941.dll when opening .pps files'current directory type' DLL loading...

MailEnable Insecure DLL Loading Vulnerability (CNVD-2026-14401)

MailEnable is a Windows-based business e-mail server from MailEnable Australia. MailEnable suffers from an insecure DLL loading vulnerability that can be exploited by an attacker to cause local arbitrary code execution...

EUVD-2022-28479

Malicious code in bioql PyPI...

CVE-2025-34109 Panda Security PSEvents.exe Insecure DLL Loading Privilege Escalation

PSEvents.exe in multiple Panda Security products runs hourly with SYSTEM privileges and loads DLL files from a user-writable directory without proper validation. An attacker with low-privileged access who can write DLL files to the monitored directory can achieve arbitrary code execution with...

CVE-2024-28589

An issue was discovered in Axigen Mail Server for Windows versions 10.5.18 and before, allows local low-privileged attackers to execute arbitrary code and escalate privileges via insecure DLL loading from a world-writable directory during service initialization...

CVE-2022-23401

The following Yokogawa Electric products contain insecure DLL loading issues. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00...

CVE-2022-25969

The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL or some other DLLs, allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer...

KEYENCE VT STUDIO may insecurely load Dynamic Link Libraries

Overview VT STUDIO provided by KEYENCE CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427, CVE-2024-28099. KEYENCE CORPORATION reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. Impact...

Palo Alto Networks Cortex XDR Agent 代码问题漏洞

Palo Alto Networks Cortex XDR Agent is an endpoint security software from Palo Alto Networks. A code issue vulnerability exists in Palo Alto Networks Cortex XDR Agent that originates from an application loading DLL libraries in an insecure manner. An attacker could use this vulnerability to place...

KINGSOFT Installer of WPS Office 代码问题漏洞

KINGSOFT Installer of WPS Office is an installer and setup program for WPS Office from the Chinese company KINGSOFT. A code issue vulnerability exists in KINGSOFT Installer of WPS Office versions 10.8.0.5745 through 10.8.0.6186, which stems from the application loading DLL libraries in an insecur...

KINGSOFT Installer of WPS Office 代码问题漏洞

KINGSOFT Installer of WPS Office is an installer and setup program for WPS Office from the Chinese company KINGSOFT. A code issue vulnerability exists in KINGSOFT Installer of WPS Office versions 10.8.0.5745 through 10.8.0.6186, which stems from the application loading DLL libraries in an insecur...

JVN#21234459: Multiple vulnerabilities in KINGSOFT "WPS Office" and "KINGSOFT Internet Security"

"WPS Office" and "KINGSOFT Internet Security" provided by KINGSOFT JAPAN, INC. contain multiple vulnerabilities listed below. Stack-based buffer overflow CWE-121 - CVE-2022-25949 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H| Base Score: 8.8 CVSS v2|...

CVE-2022-23401

The following Yokogawa Electric products contain insecure DLL loading issues. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00...

CVE-2022-23401

CVE-2022-23401 affects Yokogawa CENTUM CS 3000 (R3.08.10–R3.09.00), CENTUM VP (R4.01.00–R4.03.00, R5.01.00–R5.04.20, R6.01.00–R6.08.00) and Exaopc (R3.72.00–R3.79.00). The issue is an insecure DLL loading / uncontrolled search path element vulnerability in these products. Impact per sources indic...

CVE-2022-23401

The following Yokogawa Electric products contain insecure DLL loading issues. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00...

CVE-2021-38416

Delta Electronics DIALink versions 1.2.4.0 and prior insecurely loads libraries, which may allow an attacker to use DLL hijacking and takeover the system where the software is installed...