7 matches found
CVE-2026-6421
A vulnerability has been found in Mobatek MobaXterm Home Edition up to 26.1. This affects an unknown part in the library msimg32.dll. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The attack is considered to have high complexity. It is indicated that...
EUVD-2026-23374
A vulnerability has been found in Mobatek MobaXterm Home Edition up to 26.1. This affects an unknown part in the library msimg32.dll. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The attack is considered to have high complexity. It is indicated that...
CVE-2026-6421 Mobatek MobaXterm Home Edition msimg32.dll uncontrolled search path
A vulnerability has been found in Mobatek MobaXterm Home Edition up to 26.1. This affects an unknown part in the library msimg32.dll. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The attack is considered to have high complexity. It is indicated that...
CVE-2026-6421
A vulnerability has been found in Mobatek MobaXterm Home Edition up to 26.1. This affects an unknown part in the library msimg32.dll. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The attack is considered to have high complexity. It is indicated that...
CVE-2026-6421
CVE-2026-6421 affects Mobatek MobaXterm Home Edition up to 26.1. The issue lies in an unspecified part of msimg32.dll, enabling an uncontrolled search path when a low-privilege local attack occurs. Exploitation is described as local with high complexity; CVSS 3.1/7.0 (HIGH) and CVSS 4.0/7.3 (HIGH...
PT-2026-33412
A vulnerability has been found in Mobatek MobaXterm Home Edition up to 26.1. This affects an unknown part in the library msimg32.dll. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The attack is considered to have high complexity. It is indicated that...
CVE-2026-33503
Ory Kratos is an identity, user management and authentication system for cloud services. Prior to version 26.2.0, the ListCourierMessages Admin API in Ory Kratos is vulnerable to SQL injection due to flaws in its pagination implementation. Pagination tokens are encrypted using the secret configur...