16 matches found
CVE-2026-32323 Mullvad VPN for macOS: Local Privilege Escalation via unverified bundle path in installer
Mullvad VPN is a VPN client app for desktop and mobile. When using macOS with versions 2026.1 and below, Mullvad VPN may allow local privilege escalation during installation or upgrade. The installer package executes binaries from /Applications/Mullvad VPN.app without verifying if the bundle is...
CVE-2026-32323
CVE-2026-32323 : Mullvad VPN for macOS versions 2026.1 and earlier are affected by a local privilege escalation in the installer. The installer executes binaries from /Applications/Mullvad VPN.app without verifying that the bundle is attacker-controlled or legitimate, allowing a user in the admin...
Mullvad VPN desktop and mobile app security vulnerability
The Mullvad VPN desktop and mobile app is an open-source VPN client application developed by Mullvad VPN. Versions of the Mullvad VPN desktop and mobile app prior to 2026.1 contained a security vulnerability. This vulnerability stemmed from the installer’s failure to verify the validity of the...
CVE-2025-33230
NVIDIA Nsight Systems for Linux contains a vulnerability in the .run installer, where an attacker could cause an OS command injection by supplying a malicious string to the installation path. A successful exploit of this vulnerability might lead to escalation of privileges, code execution, data...
LogStare Collector code issue vulnerability
LogStare Collector is a data collector from LogStare Japan. A code issue vulnerability exists in LogStare Collector that stems from an improperly controlled installer path that could lead to the execution of arbitrary code...
Notepad++ security vulnerability
Notepad++ is an open source plain text editor by Don Ho, an individual developer in Taiwan, China. A security vulnerability exists in Notepad++ 8.8.1 and earlier versions, which is caused by an elevation of privilege in the installer due to an insecure executable search path...
CVE-2024-37391
ProtonVPN before 3.2.10 on Windows mishandles the drive installer path, which should use this: '"' + ExpandConstant('{autopf}\Proton\Drive') + '"' in Setup/setup.iss...
Zoom Workplace security vulnerability
Zoom Workplace Apps for Windows is a professional video conferencing client, built for enterprise meetings, that is mobile and cloud-based. Zoom Workplace Apps for Windows suffers from an elevation of privilege vulnerability that stems from an untrusted search path in the installer. No details of...
Vagrant VMWare Utility security vulnerability
HashiCorp Vagrant VMware Utility is a utility service from HashiCorp USA. A security vulnerability exists in Vagrant VMWare Utility version 1.0.22 and earlier, which originates from the Windows installer using an unprotected path against a custom location, which could be modified by an unauthoriz...
PT-2024-29947 · Zoom · Zoom Workplace Desktop App +1
Name of the Vulnerable Software and Affected Versions: Zoom Workplace Desktop App for macOS versions prior to 6.1.0 Zoom Meeting SDK for macOS versions prior to 6.1.0 Description: The issue is related to an untrusted search path in the installer for the affected software, which may allow a...
CVE-2024-37391
CVE-2024-37391 concerns ProtonVPN on Windows prior to version 3.2.10. The vulnerability stems from mishandling the drive installer path in Setup/setup.iss; the path should be created as the quoted ExpandConstant('{autopf}\Proton\Drive') to correctly locate the drive component. Affected software: ...
PT-2024-27517 · Proton · Protonvpn
Name of the Vulnerable Software and Affected Versions: ProtonVPN versions prior to 3.2.10 Description: The issue is related to the mishandling of the drive installer path in the Setup/setup.iss file. Specifically, it should use the path constructed by '"' + ExpandConstant('{autopf}\Proton\Drive') + '"' to...
PT-2022-3619 · Unknown · Git For Windows
Name of the Vulnerable Software and Affected Versions: Git for Windows versions prior to 2.37.1 Description: The issue is related to the Git for Windows installer executing a binary into C:\mingw64\bin\git.exe by mistake, which occurs only during a fresh install, not when upgrading. This is due to a...
CVE-2021-1492
The Duo Authentication Proxy installer prior to 5.2.1 did not properly validate file installation paths. This allows an attacker with local user privileges to coerce the installer to write to arbitrary privileged directories. If successful, an attacker can manipulate files used by Duo...
CVE-2020-3427
The Windows Logon installer prior to 4.1.2 did not properly validate file installation paths. This allows an attacker with local user privileges to coerce the installer to write to arbitrary privileged directories. If successful, an attacker can manipulate files used by Windows Logon, cause Denia...
PT-2012-5249 · Mozilla +1 · Firefox Esr +2
Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions prior to 17.0 Mozilla Firefox ESR 10.x versions prior to 10.0.11 Description: The issue is related to an untrusted search path vulnerability in the installer. This vulnerability allows local users to gain privileges v...