Weaknesses of type CWE-426
282 resultsCVE-2026-6421HIGHMobatek MobaXterm Home Edition msimg32.dll uncontrolled search pathEPSS 0.1%CVE-2025-43079MEDIUMLocal Privilege Escalation via qagent_uninstall.sh Qualys Cloud AgentsEPSS 0.1%CVE-2025-13491MEDIUMIBM App Connect Enterprise Certified Container Information DisclosureEPSS 0.1%CVE-2024-36071MEDIUMSamsung Magician 8.0.0 on Windows allows an admin to escalate privileges by tampering with the directory and DLL files used during the instaEPSS 0.1%CVE-2026-29089HIGHTimescaleDB uses untrusted search path during extension upgradeEPSS 0.1%CVE-2026-35368HIGHuutils coreutils chroot Local Privilege Escalation and chroot Escape in via Name Service Switch (NSS) InjectionEPSS 0.1%CVE-2025-1756HIGHMongoDB Shell may be susceptible to local privilege escalation in WindowsEPSS 0.1%CVE-2024-12168HIGHDLL Hijacking in Yandex TelemostEPSS 0.1%CVE-2025-1755HIGHMongoDB Compass may be susceptible to local privilege escalation in WindowsEPSS 0.1%CVE-2026-32009HIGHOpenClaw < 2026.2.24 - Binary Hijacking via Static Default Trusted Directories in safeBinsEPSS 0.1%CVE-2026-53842HIGHOpenClaw < 2026.5.2 - Arbitrary Python Runtime Execution via CLOUDSDK_PYTHON Environment VariableEPSS 0.1%CVE-2026-40947LOWYubico libfido2 before 1.17.0, python-fido2 before 2.2.0, and yubikey-manager before 5.9.1 have an unintended DLL search path.EPSS 0.1%CVE-2025-24830MEDIUMLocal privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (WindoEPSS 0.1%CVE-2025-24828MEDIUMLocal privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (WindoEPSS 0.1%CVE-2025-24829MEDIUMLocal privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (WindoEPSS 0.1%CVE-2025-24827MEDIUMLocal privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (WindoEPSS 0.1%CVE-2026-32015HIGHOpenClaw 2026.1.21 < 2026.2.19 - PATH Hijacking Bypass in tools.exec.safeBins Allowlist ValidationEPSS 0.1%CVE-2026-32032HIGHOpenClaw < 2026.2.22 - Arbitrary Shell Execution via Unvalidated SHELL Environment VariableEPSS 0.1%CVE-2026-4545HIGHFlos Freeware Notepad2 PROPSYS.dll uncontrolled search pathEPSS 0.1%CVE-2025-30407MEDIUMLocal privilege escalation due to a binary hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (EPSS 0.1%