5 matches found
CVE-2026-23988
Rufus is a utility that helps format and create bootable USB flash drives. Versions 4.11 and below contain a race condition TOCTOU in src/net.c during the creation, validation, and execution of the Fido PowerShell script. Since Rufus runs with elevated privileges Administrator but writes the scri...
EUVD-2025-5101
Malicious code in bioql PyPI...
CVE-2025-26624
Rufus is a utility that helps format and create bootable USB flash drives. A DLL hijacking vulnerability in Rufus 4.6.2208 and earlier versions allows an attacker loading and executing a malicious DLL with escalated privileges since the executable has been granted higher privileges during the tim...
CVE-2025-26624
Rufus is a utility that helps format and create bootable USB flash drives. A DLL hijacking vulnerability in Rufus 4.6.2208 and earlier versions allows an attacker loading and executing a malicious DLL with escalated privileges since the executable has been granted higher privileges during the tim...
CVE-2025-26624
CVE-2025-26624 describes a DLL hijacking/local privilege escalation in Rufus. Affected: Rufus 4.6.2208 and earlier. Root cause: the launcher loads a malicious cfgmgr32.dll from the same directory via side-loading when the executable has elevated privileges. Impact: enables loading/execution of a ...