← back
CVE-2026-36425mediumCWE-269

CVE-2026-36425

30Vexday Risk Score

No sign of exploitation. It has a public proof of concept.

ssvc Attendcvss 6.5
from disclosure to weapon0 days
Published on NVDJul 16
1st PoCJun 17
exploitation probability
observed exploitation
nono source reports it
1 public exploit(s)
An issue in OPSWAT AppRemover Driver (ardrv.sys) v2017.10.02.1551 and earlier in IOCTL handler 0x2420031. Any local user can open the device and send process termination requests without privilege validation.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.