Lucene search
+L

145 matches found

CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

Mobatek MobaXterm 安全漏洞

Mobatek MobaXterm is a terminal software developed by the French company Mobatek. It integrates an enhanced terminal, X servers, and Unix command sets GNU/Cygwin. Version 12.1 of Mobatek MobaXterm contains a security vulnerability. This vulnerability stems from a buffer overflow in the structured...

9.8CVSS6.5AI score0.00638EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/17 6:31 a.m.11 views

EUVD-2026-23374

A vulnerability has been found in Mobatek MobaXterm Home Edition up to 26.1. This affects an unknown part in the library msimg32.dll. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The attack is considered to have high complexity. It is indicated that...

7.3CVSS6.1AI score0.0015EPSS
Exploits0References7
NVD
NVD
added 2026/04/17 6:16 a.m.7 views

CVE-2026-6421

A vulnerability has been found in Mobatek MobaXterm Home Edition up to 26.1. This affects an unknown part in the library msimg32.dll. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The attack is considered to have high complexity. It is indicated that...

7.3CVSS0.0015EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/04/17 5:45 a.m.3 views

CVE-2026-6421 Mobatek MobaXterm Home Edition msimg32.dll uncontrolled search path

A vulnerability has been found in Mobatek MobaXterm Home Edition up to 26.1. This affects an unknown part in the library msimg32.dll. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The attack is considered to have high complexity. It is indicated that...

7.3CVSS6.1AI score0.0015EPSS
Exploits0References6
CVE
CVE
added 2026/04/17 5:45 a.m.32 views

CVE-2026-6421

CVE-2026-6421 affects Mobatek MobaXterm Home Edition up to 26.1. The issue lies in an unspecified part of msimg32.dll, enabling an uncontrolled search path when a low-privilege local attack occurs. Exploitation is described as local with high complexity; CVSS 3.1/7.0 (HIGH) and CVSS 4.0/7.3 (HIGH...

7.3CVSS6.2AI score0.0015EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/04/17 5:45 a.m.35 views

CVE-2026-6421 Mobatek MobaXterm Home Edition msimg32.dll uncontrolled search path

A vulnerability has been found in Mobatek MobaXterm Home Edition up to 26.1. This affects an unknown part in the library msimg32.dll. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The attack is considered to have high complexity. It is indicated that...

7.3CVSS0.0015EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/04/17 5:45 a.m.4 views

CVE-2026-6421

A vulnerability has been found in Mobatek MobaXterm Home Edition up to 26.1. This affects an unknown part in the library msimg32.dll. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The attack is considered to have high complexity. It is indicated that...

7.3CVSS5AI score0.0015EPSS
Exploits0References6Affected Software1
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.14 views

Mobatek MobaXterm 安全漏洞

Mobatek MobaXterm is a terminal software developed by the French company Mobatek. It integrates an enhanced terminal, X servers, and Unix command sets GNU/Cygwin. The Mobatek MobaXterm Home Edition 26.1 and earlier versions have security vulnerabilities. These vulnerabilities stem from an unknown...

7.3CVSS7.1AI score0.0015EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.14 views

PT-2026-33412

A vulnerability has been found in Mobatek MobaXterm Home Edition up to 26.1. This affects an unknown part in the library msimg32.dll. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The attack is considered to have high complexity. It is indicated that...

7.3CVSS6.1AI score0.0015EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/03/11 7:8 a.m.25 views

CVE-2026-25866

MobaXterm versions prior to 26.1 contain an uncontrolled search path element vulnerability. The application calls WinExec to execute Notepad++ without a fully qualified executable path when opening remote files. An attacker can exploit the search path behavior by placing a malicious executable...

8.5CVSS6.3AI score0.00132EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/09 6:31 p.m.26 views

EUVD-2026-10342

MobaXterm versions prior to 26.1 contain an uncontrolled search path element vulnerability. The application calls WinExec to execute Notepad++ without a fully qualified executable path when opening remote files. An attacker can exploit the search path behavior by placing a malicious executable...

8.5CVSS6.3AI score0.00132EPSS
Exploits0References3
NVD
NVD
added 2026/03/09 4:16 p.m.86 views

CVE-2026-25866

MobaXterm versions prior to 26.1 contain an uncontrolled search path element vulnerability. The application calls WinExec to execute Notepad++ without a fully qualified executable path when opening remote files. An attacker can exploit the search path behavior by placing a malicious executable...

8.5CVSS0.00132EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/09 3:24 p.m.4 views

CVE-2026-25866 MobaXterm < 26.1 Notepad++ Unquoted Service Path

MobaXterm versions prior to 26.1 contain an uncontrolled search path element vulnerability. The application calls WinExec to execute Notepad++ without a fully qualified executable path when opening remote files. An attacker can exploit the search path behavior by placing a malicious executable...

8.5CVSS6.3AI score0.00132EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/09 3:24 p.m.96 views

CVE-2026-25866 MobaXterm < 26.1 Notepad++ Unquoted Service Path

MobaXterm versions prior to 26.1 contain an uncontrolled search path element vulnerability. The application calls WinExec to execute Notepad++ without a fully qualified executable path when opening remote files. An attacker can exploit the search path behavior by placing a malicious executable...

8.5CVSS0.00132EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/09 3:24 p.m.3 views

CVE-2026-25866

MobaXterm versions prior to 26.1 contain an uncontrolled search path element vulnerability. The application calls WinExec to execute Notepad++ without a fully qualified executable path when opening remote files. An attacker can exploit the search path behavior by placing a malicious executable...

8.5CVSS6.3AI score0.00132EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/09 12:0 a.m.24 views

PT-2026-24077

Name of the Vulnerable Software and Affected Versions MobaXterm versions prior to 26.1 Description The software contains an uncontrolled search path element issue. The application uses WinExec to launch Notepad++ without specifying the complete path to the executable when opening files from remot...

8.5CVSS6.3AI score0.00132EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/03/09 12:0 a.m.9 views

Mobatek MobaXterm 代码问题漏洞

Mobatek MobaXterm is a terminal software package developed by the French company Mobatek. It integrates an enhanced terminal, an X server, and a Unix command set GNU/Cygwin. Versions of Mobatek MobaXterm prior to version 26.1 contained code vulnerabilities. These vulnerabilities stemmed from...

8.5CVSS6.1AI score0.00132EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 11:25 a.m.7 views

CVE-2021-28847

MobaXterm before 21.0 allows remote servers to cause a denial of service Windows GUI hang via tab title change requests that are sent repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls...

7.5CVSS6.8AI score0.01427EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:57 a.m.6 views

CVE-2022-38336

An access control issue in MobaXterm before v22.1 allows attackers to make connections to the server via the SSH or SFTP protocols without authentication...

8.1CVSS7AI score0.00829EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:56 a.m.7 views

CVE-2022-38337

When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. The server treats this as an invalid login attempt which can result in a Denial of Service DoS for the user if services like fail2ban are used...

9.1CVSS6.9AI score0.00729EPSS
Exploits0References1
Rows per page
Query Builder