Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-426

CWE-426

High likelihood

Untrusted Search Path

Parent: CWE-642 - External Control of Critical State Data

The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

639 vulnerabilities with CWE-426

CVE-2026-54055 MEDIUM

Kitty has an Arbitrary File Write via Symlink Race Condition in File Transmission Protocol

CVE-2026-53819 HIGH

OpenClaw < 2026.5.27 - Arbitrary Homebrew Executable Execution via Workspace .env Override

CVE-2026-48565 HIGH

Windows Narrator Braille Elevation of Privilege Vulnerability

CVE-2026-47648 HIGH

Microsoft Windows 10 Version 1607 - Windows Storage Elevation of Privilege Vulnerability

CVE-2026-24064 HIGH

Local Privilege Escalation via Dynamic Library Injection in Waves Central for macOS

CVE-2026-11401 HIGH

Privilege Escalation in AWS Advanced Go Wrapper for Amazon Aurora PostgreSQL

CVE-2026-11400 HIGH

Privilege Escalation in AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL

CVE-2026-44477 CRITICAL

CloudNativePG Metrics Exporter - PostgreSQL Superuser Privilege Escalation

CVE-2026-45721 CRITICAL

Algernon: handler.lua discovery walks parent directories above the server root

CVE-2026-45772 CRITICAL

Turborepo: Unexpected local code execution during Yarn Berry detection

CVE-2026-30906 HIGH

Zoom Rooms < 7.0.0 - Authenticated Privilege Escalation via Untrusted Search Path

CVE-2026-0251 MEDIUM

GlobalProtect App: Local Privilege Escalation Vulnerabilities

CVE-2026-42830 MEDIUM

Azure Monitor Agent Metrics Extension Elevation of Privilege Vulnerability

CVE-2026-7309 MEDIUM

Openshift-controller-manager: openshift container platform: information disclosure via environment variable injection

CVE-2026-35368 HIGH

uutils coreutils chroot Local Privilege Escalation and chroot Escape in via Name Service Switch (NSS) Injection

CVE-2026-35603 HIGH

Claude Code: Insecure System-Wide Configuration Loading Enables Local Privilege Escalation on Windows

CVE-2026-6421 HIGH

Mobatek MobaXterm Home Edition msimg32.dll uncontrolled search path

CVE-2026-40947 LOW

Yubico libfido2 <1.17.0 - DLL Hijacking

CVE-2026-27290 HIGH

Adobe Framemaker | Untrusted Search Path (CWE-426)

CVE-2026-40287 HIGH

PraisonAI has RCE via Automatic tools.py Import

CVE-2026-40156 HIGH

PraisonAI Affected by Implicit Execution of Arbitrary Code via Automatic `tools.py` Loading

CVE-2026-39883 HIGH

OpenTelemetry-Go 1.15.0-1.42.0 - BSD kenv PATH Hijacking

CVE-2026-3780 HIGH

Foxit PDF Editor/Reader Installer Uncontrolled Search Path Privilege Escalation

CVE-2026-4962 HIGH

UltraVNC Service version.dll uncontrolled search path

CVE-2026-4546 HIGH

Flos Freeware Notepad2 TextShaping.dll uncontrolled search path

Page 1 of 26 Next

Details

Vulnerabilities 639

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy