PYSEC-2026-192

Python Liquid is a Python engine for the Liquid template language. Prior to 2.2.0, the built-in FileSystemLoader and CachingFileSystemLoader do not guard against reading files outside their search paths when given an absolute path to resolve. This allows malicious template authors to load and...

Intel Connectivity Performance Suite 代码问题漏洞

Intel Connectivity Performance Suite is a software developed by Intel Corporation in the United States. It can automatically optimize a computer’s network connections, enhancing Wi-Fi performance and application response times. Versions of Intel Connectivity Performance Suite prior to...

Intel AI Playground 代码问题漏洞

Intel AI Playground is an online platform operated by Intel Corporation in the United States. Previous versions of Intel AI Playground, including 3.0.0 alpha, had code vulnerabilities that stemmed from uncontrolled search paths, which could lead to privilege escalation...

CivetWeb 代码问题漏洞

CivetWeb is an open-source web server developed by Civetweb, designed to be easy to use, powerful, and capable of being embedded in C/C++. It offers optional support for CGI, SSL, and Lua. Version 1.16 of CivetWeb contains a code vulnerability. This vulnerability stems from search paths in servic...

CVE-2026-3780

The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-writable directories, allowing a local attacker to place malicious binaries with the same names and have them loaded or executed instead of the...

EUVD-2026-17761

The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-writable directories, allowing a local attacker to place malicious binaries with the same names and have them loaded or executed instead of the...

CVE-2026-3780 Foxit PDF Editor/Reader Installer Uncontrolled Search Path Privilege Escalation

The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-writable directories, allowing a local attacker to place malicious binaries with the same names and have them loaded or executed instead of the...

CVE-2026-3780

CVE-2026-3780 concerns Foxit PDF Editor/Reader installers on Windows. The root cause is an installer that runs with elevated privileges while resolving system executables and DLLs using untrusted search paths that may include user-writable directories. This allows a local attacker to place malici...

CVE-2026-3780

The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-writable directories, allowing a local attacker to place malicious binaries with the same names and have them loaded or executed instead of the...

PT-2026-29440

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description The application's installer operates with elevated privileges but utilizes untrusted search paths to resolve system executables and DLLs. These paths can includ...

Foxit PDF Reader和Foxit PDF Editor 安全漏洞

Foxit PDF Reader and Foxit PDF Editor are products of Foxit Corporation, a Chinese company. Foxit PDF Reader is a PDF reader. Foxit PDF Editor is a PDF editor. Both Foxit PDF Reader and Foxit PDF Editor have security vulnerabilities. These vulnerabilities stem from the installer’s elevated...

UltraVNC 安全漏洞

UltraVNC is an open-source remote terminal control software developed by UltraVNC Inc. for the Windows platform. Versions of UltraVNC 1.6.4.0 and earlier contain security vulnerabilities, which stem from uncontrolled search paths in the library version.dll...

Flos Freeware Notepad2 代码问题漏洞

Flos Freeware Notepad2 is a lightweight text editor developed by the Swiss company Flos Freeware. Version 4.2.25 of Flos Freeware Notepad2 has a code vulnerability caused by unknown functions in the TextShaping.dll library, which may lead to uncontrolled search paths...

Notepad2 代码问题漏洞

Notepad2 is a text editor developed by Florian Balmer. Version 4.2.25 of Notepad2 has a code vulnerability caused by an unknown function in the PROPSYS.dll library, which may lead to uncontrolled search paths...

Serviio PRO 代码问题漏洞

Serviio PRO is a multimedia streaming server software developed by the British company Serviio. Version 1.8 of Serviio PRO contains a code vulnerability. This vulnerability stems from improper search paths and directory permissions in Windows services, which may allow local users to execute...

Adobe Illustrator 代码问题漏洞

Adobe Illustrator is a vector-based image creation software developed by Adobe Inc. Versions 29.8.4, 30.1, and earlier of Adobe Illustrator have code vulnerabilities. These vulnerabilities stem from untrusted search paths, which may allow arbitrary code to be executed in the current user...

Mobatek MobaXterm 代码问题漏洞

Mobatek MobaXterm is a terminal software package developed by the French company Mobatek. It integrates an enhanced terminal, an X server, and a Unix command set GNU/Cygwin. Versions of Mobatek MobaXterm prior to version 26.1 contained code vulnerabilities. These vulnerabilities stemmed from...

CVE-2026-26099

Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration File Search Paths via a crafted network request...

CVE-2026-26099

Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration File Search Paths via a crafted network request...

CVE-2026-26098 Uncontrolled Search Path Element in Owl opds

Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration File Search Paths via a crafted network request...