CVE-2026-12214

7.8 HIGH

A security flaw has been discovered in Qihoo 360 Total Security 6.0

Published: 2026-06-15 · Last updated: 2026-06-15

Severity and scoring

CVSS: 7.8 HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-693

Description

A security flaw has been discovered in Qihoo 360 Total Security 6.0. This vulnerability affects the function RpcStringBindingComposeW of the component Nucleus Engine Monitoring Logic. Performing a manipulation of the argument NetworkAddr results in protection mechanism failure. The attack requires a local approach. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-12214
[Other]https://github.com/Gach0ng/vuldb_submit/issues/4
[Other]https://vuldb.com/cve/CVE-2026-12214
[Other]https://vuldb.com/submit/833135
[Other]https://vuldb.com/vuln/370858
[Other]https://vuldb.com/vuln/370858/cti

Related CVEs

Same CWE

CVE-2026-47209 — vm2 is an open source vm/sandbox for Node.js (8.6 HIGH)
CVE-2026-47140 — vm2 is an open source vm/sandbox for Node.js (10.0 CRITICAL)
CVE-2026-47139 — vm2 is an open source vm/sandbox for Node.js (8.6 HIGH)
CVE-2026-47135 — vm2 is an open source vm/sandbox for Node.js (8.7 HIGH)
CVE-2026-12031 — Inappropriate implementation in Views in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised t... (8.3 HIGH)