CVE-2026-44612

Bytello Share Windows Edition installer executable provided by Bytello insecurely loads Dynamic Link Libraries. If there is a crafted DLL at the same directory when invoking the affected installer, arbitrary code may be executed with the privilege of the user invoking the installer...

EUVD-2026-25138

The installers of LiveOn Meet Client for Windows Downloader5Installer.exe and Downloader5InstallerForAdmin.exe and the installers of Canon Network Camera Plugin CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe insecurely load Dynamic Link Libraries DLLs. If a malicious DLL is placed at the...

CVE-2026-32679

The installers of LiveOn Meet Client for Windows Downloader5Installer.exe and Downloader5InstallerForAdmin.exe and the installers of Canon Network Camera Plugin CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe insecurely load Dynamic Link Libraries DLLs. If a malicious DLL is placed at the...

CVE-2026-33477

FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. In versiosn 2.3.7 through 3.10.0, the file snippet endpoint /api/file/snippet.php allows an authenticated user with only readown access to a folder to retrieve snippet content from files upload...

FileRise 安全漏洞

FileRise is a lightweight, self-hosted web-based file manager developed by Ryan. Versions of FileRise 3.10.0 and earlier have security vulnerabilities, which stem from server-side authorization flaws. These vulnerabilities could allow users to read file segments from other users within the same...

CVE-2026-25880

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, the PDF reader allows execution of a malicious binary explorer.exe located in the same directory as the opened PDF when the user clicks File → “Show in folder”. This behavior leads to arbitrary code execution on the victim’s...

EUVD-2025-34518

RemoteView PC Application Console versions prior to 6.0.2 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...

CVE-2025-58753 copyparty: Sharing a single file does not fully restrict access to other files in source folder

Copyparty is a portable file server. In versions prior to 1.19.8, there was a missing permission-check in the shares feature the shr global-option. When a share was created for just one file inside a folder, it was possible to access the other files inside that folder by guessing the filenames. I...

EasyRanges 安全漏洞

EasyRanges is a small Julia package from the individual developer Éric Thiébaut. A security vulnerability exists in EasyRanges version 1.41, which stems from an issue with EasyRange that contains search paths for executables, which could lead to loading executables located in the same folder as t...

WordPress Slider Revolution 4.6.5 Shell Upload

==================================================================================================================================== | Title : WordPress - Slider Revolution 4.6.5 WordPress - Slider Revolution 4.6.5 shell upload 0-day exploit | | Author : indoushka | | Tested on : windows 10...