CVE-2026-0087

In approvalLevelForDomainInternal of DomainVerificationService.java, there is a possible way to hijack an arbitrary app link due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

Liberapay: another liberapay member team twitter account broken Link Hijacking via Expired Twitter Account Link

Hello again i discovered that there is another Liberapay profile of Liberapay team member at liberapay.com/mdvhimself contains a link to an expired Twitter account, creating a Broken Link Hijacking BLH vulnerability. An attacker could register the expired handle and control what appears to be an...

Liberapay: Liberapay member team twitter account broken Link Hijacking via Expired Twitter Account Link

The profile of a Liberapay team member contained a link to an expired Twitter account, creating a broken link hijacking vulnerability. The expired Twitter account link was displayed on the member's Liberapay profile and donation page, falsely confirming to donors that the account was legitimate a...

Linux Distros Unpatched Vulnerability : CVE-2026-28350

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.4, the tag passes through the default Cleaner...

CVE-2026-28711

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 Windows before build 41186...

CVE-2026-28350

lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.4, the tag passes through the default Cleaner configuration. While pagestructure=True removes html, head, and title tags, there is no specific handling for , allowing an attacker to inje...

PT-2026-20924

Splunk Enterprise Windows flaws CVSS 7.7 CVE-2026-20143 & CVE-2026-20140 allow system takeover via DLL and Python search path hijacking. Patch immediately. Splunk CyberSecurity InfoSec WindowsSecurity DLLHijacking LPE PatchNow https://t.co/wudRkJ9tIM...

CVE-2025-57836

An issue was discovered in Samsung Magician 6.3.0 through 8.3.2 on Windows. The installer creates a temporary folder with weak permissions during installation, allowing a non-admin user to perform DLL hijacking and escalate privileges...

EUVD-2023-60235

Zillya Total Security 3.0.2367.0 contains a privilege escalation vulnerability that allows low-privileged users to copy files to unauthorized system locations using the quarantine module. Attackers can leverage symbolic link techniques to restore quarantined files to restricted directories,...

CVE-2025-12046

A DLL hijacking vulnerability was reported in the Lenovo App Store and Lenovo Browser applications that could allow a local authenticated user to execute code with elevated privileges under certain conditions...

EUVD-2005-2408

Malware in sbrugna...

EUVD-2023-44548

Malicious code in bioql PyPI...

CVE-2025-59684

DigiSign DigiSigner ONE 1.0.4.60 allows DLL Hijacking...

CVE-2025-59684

DigiSign DigiSigner ONE 1.0.4.60 allows DLL Hijacking...

Notepad++ 安全漏洞

Notepad++ is an open source plain text editor by Don Ho, an individual developer in Taiwan, China. A security vulnerability exists in Notepad++ version 8.8.3, which originates from DLL hijacking and could lead to the execution of malicious code...

CVE-2025-10198

Sunshine for Windows, version v2025.122.141614, contains a DLL search-order hijacking vulnerability, allowing attackers to insert a malicious DLL in user-writeable PATH directories...

CVE-2025-30033

CVE-2025-30033 is a DLL hijacking vulnerability in a Siemens setup component that could allow an attacker to execute arbitrary code at install time when a legitimate user runs an application using the affected installer. The vulnerability is documented across multiple sources (Siemens ProductCERT...

CVE-2023-3922

An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to hijack some links and buttons on the GitLab UI to a malicious page...

CVE-2020-23438

Wondershare filmora 9.2.11 is affected by Trojan Dll hijacking leading to privilege escalation...

AMD Integrated Management Technology 安全漏洞

AMD Integrated Management Technology is a management technology from UltraMicroelectronics AMD that is primarily used to enable AMD DASH management features on AMD PRO hardware. A security vulnerability exists in AMD Integrated Management Technology that stems from a DLL hijacking vulnerability i...