CVE-2026-36425
30Vexday Risk Score
No sign of exploitation. It has a public proof of concept.
ssvc Attendcvss 6.5
from disclosure to weapon0 days
Published on NVDJul 16
1st PoCJun 17
exploitation probability
—
observed exploitation
nono source reports it
1 public exploit(s)
An issue in OPSWAT AppRemover Driver (ardrv.sys) v2017.10.02.1551 and earlier in IOCTL handler 0x2420031. Any local user can open the device and send process termination requests without privilege validation.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected products
n/a · n/apublic PoCs found — 1
githubgithub.com/redteamfortress/CVE-2026-36425★ 3⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
https://github.com/redteamfortress/CVE-2026-36425https://www.opswat.com/products/oesis-framework/application-removalhttps://www.virustotal.com/gui/file/07c5209bf83065fe760f4fee4ed2308b0c523671f68ca73a3854c2c8c28c0541https://www.virustotal.com/gui/file/2248347b2ec49f07268a44816ebb6265677093ec277f825de1a76700ab25e3bc