CVE-2026-36574
7.8 HIGHA DLL hijacking vulnerability in Wassimulator (GitHub) CactusViewer v2.3.0 allows attackers to escalate privileges and execute arbitrary ...
Published: 2026-06-03 · Last updated: 2026-06-08
Severity and scoring
- CVSS
- 7.8 HIGH
- Vector
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- CWE
- CWE-427
Description
A DLL hijacking vulnerability in Wassimulator (GitHub) CactusViewer v2.3.0 allows attackers to escalate privileges and execute arbitrary code via a crafted DLL.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-36574
- [Other]https://github.com/Wassimulator/CactusViewer
- [Other]https://github.com/Wassimulator/CactusViewer/issues/65
- [Other]https://github.com/Wassimulator/CactusViewer/releases/download/v2.3.0/CactusViewer.exe
- [Other]https://github.com/openlabs/docker-wkhtmltopdf-aas/issues/36
- [Other]https://github.com/Wassimulator/CactusViewer/issues/65
Related CVEs
Same CWE
- CVE-2026-8637 — A potential uncontrolled search path vulnerability was reported in the LanSchool Classic client application that could allow a local auth... (7.8 HIGH)
- CVE-2026-47937 — Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an Uncontrolled Search Path Element vulnerability that cou... (7.4 HIGH)
- CVE-2026-41567 — Moby is an open source container framework (7.2 HIGH)
- CVE-2026-50033 — Local privilege escalation due to DLL hijacking vulnerability (7.3 HIGH)
- CVE-2026-44682 — Local privilege escalation due to DLL hijacking vulnerability (7.3 HIGH)