CWE-426

Exploit likelihood: High

Untrusted Search Path

Parent: CWE-642 - External Control of Critical State Data

The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

639 vulnerabilities with CWE-426
CVE-2026-4545 HIGH
Flos Freeware Notepad2 PROPSYS.dll uncontrolled search path
CVSS 7.0
CVE-2026-33156 HIGH
DLL Sideloading in ScreenToGif
CVSS 7.8
CVE-2026-25792 MEDIUM
Greenshot Vulnerable to OS Command Injection via ExternalCommand Plugin
CVSS 6.5
CVE-2026-32032 HIGH
OpenClaw < 2026.2.22 - Arbitrary Shell Execution via Unvalidated SHELL Environment Variable
CVSS 7.8
CVE-2026-32016 HIGH
OpenClaw < 2026.2.22 - Path Traversal via Basename-Only Allowlist Matching on macOS
CVSS 7.8
CVE-2026-32015 HIGH
OpenClaw 2026.1.21 < 2026.2.19 - PATH Hijacking Bypass in tools.exec.safeBins Allowlist Validation
CVSS 7.8
CVE-2026-32009 MEDIUM
OpenClaw < 2026.2.24 - Binary Hijacking via Static Default Trusted Directories in safeBins
CVSS 5.7
CVE-2026-21333 HIGH
Illustrator <29.8.4,30.1 - Untrusted Search Path
CVSS 8.6
CVE-2026-25190 HIGH
Windows 10/11 GDI Untrusted Search Path Remote Code Execution
CVSS 7.8
CVE-2026-3787 HIGH
UltraVNC 1.6.4.0 - Untrusted Search Path in Windows Service
CVSS 7.0
CVE-2026-29089 HIGH
TimescaleDB 2.23.0-2.25.1 - Code Injection
CVSS 8.8
CVE-2026-2998 HIGH
eAI Technologies ERP - DLL Hijacking
CVSS 7.8
CVE-2026-25926 HIGH
Notepad++ <8.9.2 - Unsafe Search Path
CVSS 7.3
CVE-2026-2542 HIGH
Total VPN 0.5.29.0 - Privilege Escalation
CVSS 7.0
CVE-2026-2538 HIGH
Notepad2 4.2.22-4.2.25 - Path Traversal
CVSS 7.0
CVE-2026-2516 HIGH
Unidocs ezPDF DRM Reader/ezPDF Reader 2.0/3.0.0.4 - Path Traversal
CVSS 7.0
CVE-2026-21508 HIGH
Windows 10/11 Privilege Escalation via Untrusted Search Path
CVSS 7.0
CVE-2026-25880 HIGH
SumatraPDF < 3.5.2 - Untrusted Search Path Execution via File Menu Action
CVSS 7.8
CVE-2026-0662 HIGH
Autodesk 3ds Max 2026-2026.3.2 - Remote Code Execution via Untrusted Search Path
CVSS 7.8
CVE-2026-24051 HIGH
OpenTelemetry-Go <1.40.0 - Path Hijacking
CVSS 7.0
CVE-2026-24070 HIGH
Native Access - Privilege Escalation
CVSS 8.8
CVE-2026-23888 MEDIUM
pnpm < 10.28.1 - Path Traversal and Arbitrary File Write via Binary Fetcher
CVSS 6.5
CVE-2026-23512 HIGH
SumatraPDF < 3.5.2 - Untrusted Search Path via Advanced Options Notepad Execution
CVSS 8.6
CVE-2026-21280 HIGH
Adobe Illustrator <= 30.0 - Untrusted Search Path
CVSS 8.6
CVE-2026-20943 HIGH
Microsoft Office - Untrusted Search Path
CVSS 7.0