CVE-2026-45181

Hex-Rays IDA Pro 9.2 and 9.3 prior to 9.3sp2 do not block Clang dependency-file generation, enabling argument-injection via attacker-supplied .i64 files to place code into a plugins directory. Root cause: missing validation in dependency-file generation. Impact: local attacker could achieve code ...