QSearchQSearch

CVE-2026-11967

MobaXterm Personal Edition (Portable), in its 26.3 version (Build 5154), allows arbitrary code execution by loading a malicious DLL locat...

Published: 2026-06-12 · Last updated: 2026-06-12

Severity and scoring

CWE
CWE-427

Description

MobaXterm Personal Edition (Portable), in its 26.3 version (Build 5154), allows arbitrary code execution by loading a malicious DLL located in the same directory as the portable executable. Because the application automatically loads the winspool.drv library from that location during startup, an attacker with local access can place a specially crafted DLL alongside the executable to be executed when the victim launches the application.

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-11879 MobaXterm Personal Edition (Portable), in its 26.3 version (Build 5154), allows arbitrary code execution by loading malicious DLLs from a...
  • CVE-2026-53813 OpenClaw before 2026.4.25 contains a path traversal vulnerability in memory-core artifact loading where workspace state influences local ... (7.8 HIGH)
  • CVE-2026-7870 IBM i 7.6, 7.5, 7.4, and 7.3 could allow a user to gain elevated privileges due to an unqualified library call (8.8 HIGH)
  • CVE-2026-10847 A local privilege escalation vulnerability exists in Check Point Identity Agent Full for Windows OS (7.8 HIGH)
  • CVE-2026-8637 A potential uncontrolled search path vulnerability was reported in the LanSchool Classic client application that could allow a local auth... (7.8 HIGH)