Total
1095 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-23755 | 1 Dlink | 1 D-view 8 | 2026-03-05 | 7.3 High |
| D-Link D-View 8 versions 2.0.1.107 and below contain an uncontrolled search path vulnerability in the installer. When executed with elevated privileges via UAC, the installer attempts to load version.dll from its execution directory, allowing DLL preloading. An attacker can supply a malicious version.dll alongside the legitimate installer so that, when a victim runs the installer and approves the UAC prompt, attacker-controlled code executes with administrator privileges. This can lead to full system compromise. | ||||
| CVE-2026-22270 | 1 Dell | 1 Powerscale Onefs | 2026-03-04 | 6.7 Medium |
| Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an uncontrolled search path element vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to denial of service, elevation of privileges, and information disclosure. | ||||
| CVE-2025-15558 | 2026-03-04 | N/A | ||
| Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that are executed when a victim user opens Docker Desktop or invokes Docker CLI plugin features, and allow privilege-escalation if the docker CLI is executed as a privileged user. This issue affects Docker CLI: through 29.1.5 and Windows binaries acting as a CLI-plugin manager using the github.com/docker/cli/cli-plugins/manager https://pkg.go.dev/github.com/docker/cli@v29.1.5+incompatible/cli-plugins/manager package, such as Docker Compose. This issue does not impact non-Windows binaries, and projects not using the plugin-manager code. | ||||
| CVE-2026-24502 | 2026-03-04 | 8.8 High | ||
| Dell Command | Intel vPro Out of Band, versions prior to 4.7.0, contain an Uncontrolled Search Path Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | ||||
| CVE-2026-3091 | 1 Synology | 2 Presto Client, Synology Presto Client | 2026-03-04 | 6.7 Medium |
| An uncontrolled search path element vulnerability in Synology Presto Client before 2.1.3-0672 allows local users to read or write arbitrary files during installation by placing a malicious DLL in advance in the same directory as the installer. | ||||
| CVE-2026-2492 | 1 Tensorflow | 1 Tensorflow | 2026-02-28 | 7.8 High |
| TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of TensorFlow. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of plugins. The application loads plugins from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of a target user. Was ZDI-CAN-25480. | ||||
| CVE-2026-25129 | 2 Bobthecow, Psysh | 2 Psysh, Psysh | 2026-02-27 | 6.7 Medium |
| PsySH is a runtime developer console, interactive debugger, and REPL for PHP. Prior to versions 0.11.23 and 0.12.19, PsySH automatically loads and executes a `.psysh.php` file from the Current Working Directory (CWD) on startup. If an attacker can write to a directory that a victim later uses as their CWD when launching PsySH, the attacker can trigger arbitrary code execution in the victim's context. When the victim runs PsySH with elevated privileges (e.g., root), this results in local privilege escalation. This is a CWD configuration poisoning issue leading to arbitrary code execution in the victim user’s context. If a privileged user (e.g., root, a CI runner, or an ops/debug account) launches PsySH with CWD set to an attacker-writable directory containing a malicious `.psysh.php`, the attacker can execute commands with that privileged user’s permissions, resulting in local privilege escalation. Downstream consumers that embed PsySH inherit this risk. For example, Laravel Tinker (`php artisan tinker`) uses PsySH. If a privileged user runs Tinker while their shell is in an attacker-writable directory, the `.psysh.php` auto-load behavior can be abused in the same way to execute attacker-controlled code under the victim’s privileges. Versions 0.11.23 and 0.12.19 patch the issue. | ||||
| CVE-2026-26097 | 2 Owl, Owlcyberdefense | 4 Opds, Opds-100, Opds-1000 and 1 more | 2026-02-27 | 5.5 Medium |
| Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration File Search Paths via a crafted network request. | ||||
| CVE-2026-26098 | 2 Owl, Owlcyberdefense | 4 Opds, Opds-100, Opds-1000 and 1 more | 2026-02-27 | 5.5 Medium |
| Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration File Search Paths via a crafted network request. | ||||
| CVE-2026-26099 | 2 Owl, Owlcyberdefense | 4 Opds, Opds-100, Opds-1000 and 1 more | 2026-02-27 | 5.5 Medium |
| Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration File Search Paths via a crafted network request. | ||||
| CVE-2026-25191 | 1 Digital Arts | 2 Finalcode Ver.5 Series, Finalcode Ver.6 Series | 2026-02-27 | N/A |
| The installer of FinalCode Client provided by Digital Arts Inc. contains an issue with the DLL search path. If a user is directed to place a malicious DLL file and the installer to the same directory and execute the installer, arbitrary code may be executed with the installer's execution privilege. | ||||
| CVE-2025-21127 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2026-02-26 | 7.8 High |
| Photoshop Desktop versions 25.12, 26.1 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could lead to arbitrary code execution. An attacker could manipulate the search path environment variable to point to a malicious library, resulting in the execution of arbitrary code when the application loads. Exploitation of this issue requires user interaction in that a victim must run the vulnerable application. | ||||
| CVE-2025-22458 | 1 Ivanti | 1 Endpoint Manager | 2026-02-26 | 7.8 High |
| DLL hijacking in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an authenticated attacker to escalate to System. | ||||
| CVE-2023-31358 | 1 Amd | 1 Aim-t Manageability Api | 2026-02-26 | 7.3 High |
| A DLL hijacking vulnerability in the AMD Manageability API could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. | ||||
| CVE-2025-20015 | 2026-02-26 | 6.7 Medium | ||
| Uncontrolled search path element for some Intel(R) Ethernet Connection software before version 29.4 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-20043 | 2026-02-26 | 6.7 Medium | ||
| Uncontrolled search path for some Intel(R) RealSense™ SDK software before version 2.56.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-20079 | 1 Intel | 2 Advisor, Oneapi Base Toolkit | 2026-02-26 | 6.7 Medium |
| Uncontrolled search path for some Intel(R) Advisor software may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-20108 | 2026-02-26 | 6.7 Medium | ||
| Uncontrolled search path element for some Intel(R) Network Adapter Driver installers for Windows 11 before version 29.4 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-21099 | 2026-02-26 | 6.7 Medium | ||
| Uncontrolled search path for some Intel(R) Graphics software may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-31073 | 2026-02-26 | 6.7 Medium | ||
| Uncontrolled search path for some Intel(R) oneAPI Level Zero software may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||