
119 matches found

HackRead
added 2026/04/22 1:57 p.m., 4 views

Mustang Panda Hits India and S. Korea with Updated LOTUSLITE Backdoor

Acronis reveals Mustang Panda is using an updated version of LOTUSLITE backdoor to target Indian banks and Korean diplomats. Learn how this DLL sideloading attack works...

5.7 AI score
Exploits: 0

HackRead
added 2026/04/15 8:59 p.m., 1 view

Fake Claude AI Installer Targets Windows Users with PlugX Malware

Fake Claude AI installer mimicking Anthropic spreads PlugX malware on Windows, using DLL sideloading to gain persistent remote access to infected systems...

5.8 AI score
Exploits: 0

GithubExploit
added 2026/04/14 12:45 p.m., 62 views

Windows-privilege-exploits

Elevation !Windowshttps://img.shields.io/badge/platform-Wi...

5.8 AI score
Exploits: 0

Securelist
added 2026/04/13 9:00 a.m., 3 views

JanelaRAT: a financial threat targeting users in Latin America

Background JanelaRAT is a malware family that takes its name from the Portuguese word "janela" which means "window". JanelaRAT looks for financial and cryptocurrency data from specific banks and financial institutions in the Latin America region. JanelaRAT is a modified variant of BX RAT that has...

6.1 AI score
Exploits: 0

The Hacker News
added 2026/03/31 6:28 p.m., 3 views

Android Developer Verification Rollout Begins Ahead of September Enforcement

Google on Monday said it's officially rolling out Android developer verification to all developers to combat the problem of bad actors distributing harmful apps while "hiding behind anonymity." The development comes ahead of a planned verification mandate that goes into effect in Brazil, Indonesi...

5.9 AI score
Exploits: 0

Malwarebytes
added 2026/03/30 7:01 a.m., 3 views

A week in security (March 23 – March 29)

Last week on Malwarebytes Labs: Criminals are renting virtual phones to bypass bank security; Bogus Avast website fakes virus scan, installs Venom Stealer instead; Infiniti Stealer: a new macOS infostealer using ClickFix and Python/Nuitka; GlassWorm attack installs fake browser extension for...

5.9 AI score
Exploits: 0

RedhatCVE
added 2026/03/26 3:00 p.m., 1 view

CVE-2026-33156

ScreenToGif is a screen recording tool. In versions from 2.42.1 and prior, ScreenToGif is vulnerable to DLL sideloading via version.dll. When the portable executable is run from a user-writable directory, it loads version.dll from the application directory instead of the Windows System32...

7.8 CVSS, 6.4 AI score, 0.00008 EPSS
Exploits: 1, References: 1

Malwarebytes
added 2026/03/23 12:42 p.m., 4 views

Advanced Flow will make Android sideloading safer

Google has announced the introduction of Advanced Flow, designed to let Android users install apps from unverified developers more safely than before. This process is known as sideloading. It means installing an app on your device from somewhere other than the Google Play store, usually by...

5.8 AI score
Exploits: 0

NVD
added 2026/03/20 9:17 p.m., 0 views

CVE-2026-33156

ScreenToGif is a screen recording tool. In versions from 2.42.1 and prior, ScreenToGif is vulnerable to DLL sideloading via version.dll. When the portable executable is run from a user-writable directory, it loads version.dll from the application directory instead of the Windows System32...

7.8 CVSS, 0.00008 EPSS
Exploits: 1, References: 1

ATTACKERKB
added 2026/03/20 8:29 p.m., 0 views

CVE-2026-33156

ScreenToGif is a screen recording tool. In versions from 2.42.1 and prior, ScreenToGif is vulnerable to DLL sideloading via version.dll. When the portable executable is run from a user-writable directory, it loads version.dll from the application directory instead of the Windows System32...

7.8 CVSS, 6.4 AI score, 0.00008 EPSS
Exploits: 1, References: 2, Affected Software: 1

EUVD
added 2026/03/20 8:29 p.m., 2 views

EUVD-2026-13793

ScreenToGif is a screen recording tool. In versions from 2.42.1 and prior, ScreenToGif is vulnerable to DLL sideloading via version.dll. When the portable executable is run from a user-writable directory, it loads version.dll from the application directory instead of the Windows System32...

7.8 CVSS, 6.4 AI score, 0.00008 EPSS
Exploits: 1, References: 1

CVE
added 2026/03/20 8:29 p.m., 4 views

CVE-2026-33156

CVE-2026-33156 affects ScreenToGif (portable versions up to 2.42.1). The flaw is DLL sideloading through version.dll: when run from a user-writable directory, the executable loads version.dll from its own directory instead of Windows System32, enabling arbitrary code execution in the user’s conte...

7.8 CVSS, 6.4 AI score, 0.00008 EPSS
Exploits: 1, References: 1, Affected Software: 1

Cvelist
added 2026/03/20 8:29 p.m., 17 views

CVE-2026-33156 DLL Sideloading in ScreenToGif

ScreenToGif is a screen recording tool. In versions from 2.42.1 and prior, ScreenToGif is vulnerable to DLL sideloading via version.dll. When the portable executable is run from a user-writable directory, it loads version.dll from the application directory instead of the Windows System32...

7.8 CVSS, 0.00008 EPSS
Exploits: 1, References: 1

Vulnrichment
added 2026/03/20 8:29 p.m., 1 view

CVE-2026-33156 DLL Sideloading in ScreenToGif

ScreenToGif is a screen recording tool. In versions from 2.42.1 and prior, ScreenToGif is vulnerable to DLL sideloading via version.dll. When the portable executable is run from a user-writable directory, it loads version.dll from the application directory instead of the Windows System32...

7.8 CVSS, 6.4 AI score, 0.00008 EPSS
Exploits: 1, References: 1

OSV
added 2026/03/20 8:29 p.m., 1 view

CVE-2026-33156 DLL Sideloading in ScreenToGif

ScreenToGif is a screen recording tool. In versions from 2.42.1 and prior, ScreenToGif is vulnerable to DLL sideloading via version.dll. When the portable executable is run from a user-writable directory, it loads version.dll from the application directory instead of the Windows System32...

7.8 CVSS, 6.4 AI score, 0.00008 EPSS
Exploits: 1, References: 3

The Hacker News
added 2026/03/20 10:57 a.m., 2 views

Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams

Google on Thursday announced a new "advanced flow" for Android sideloading that requires a mandatory 24-hour wait period to install apps from unverified developers in an attempt to balance openness with safety. The new changes come against the backdrop of a developer verification mandate the tech...

5.8 AI score
Exploits: 0

Positive Technologies
added 2026/03/20 12:00 a.m., 2 views

PT-2026-26676

ScreenToGif is a screen recording tool. In versions from 2.42.1 and prior, ScreenToGif is vulnerable to DLL sideloading via version.dll. When the portable executable is run from a user-writable directory, it loads version.dll from the application directory instead of the Windows System32...

7.8 CVSS, 6.4 AI score, 0.00008 EPSS
Exploits: 1, References: 4

Malwarebytes
added 2026/03/02 1:57 p.m., 3 views

A fake FileZilla site hosts a malicious download

A trojanized copy of the open-source FTP client FileZilla 3.69.5 is circulating online. The archive contains the legitimate FileZilla application, but with a single malicious DLL added to the folder. When someone downloads this tampered version, extracts it, and launches FileZilla, Windows loads...

5.9 AI score
Exploits: 0

Talos Blog
added 2026/02/26 11:00 a.m., 4 views

New Dohdoor malware campaign targets education and health care

Cisco Talos discovered an ongoing malicious campaign since at least as early as December 2025 by a threat actor we track as "UAT-10027," delivering a previously undisclosed backdoor dubbed "Dohdoor." Dohdoor utilizes the DNS-over-HTTPS (DoH) technique for command-and-control (C2) communications and h...

6.4 AI score
Exploits: 0

The Hacker News
added 2026/01/20 1:46 p.m., 6 views

Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading

Cybersecurity researchers have uncovered a new phishing campaign that exploits social media private messages to propagate malicious payloads, likely with the intent to deploy a remote access trojan (RAT). The activity delivers "weaponized files via Dynamic Link Library (DLL) sideloading, combined wit...

6.2 AI score
Exploits: 0