Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-427

CWE-427

Uncontrolled Search Path Element

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

1,133 vulnerabilities with CWE-427

CVE-2026-4962 HIGH

UltraVNC Service version.dll uncontrolled search path

CVE-2026-28760 HIGH

RATOC RAID Monitoring Manager for Windows <2.00.009.260220 - DLL Hijacking

CVE-2026-26306 HIGH

OM Workspace (Windows Edition) <=2.4 - DLL Hijacking

CVE-2026-4546 HIGH

Flos Freeware Notepad2 TextShaping.dll uncontrolled search path

CVE-2026-4545 HIGH

Flos Freeware Notepad2 PROPSYS.dll uncontrolled search path

CVE-2026-33156 HIGH

DLL Sideloading in ScreenToGif

CVE-2026-2713 HIGH

IBM Trusteer Rapport 3.5.2309.290 - DLL Hijacking

CVE-2026-24317 MEDIUM

SAP GUI for Windows - DLL Hijacking

CVE-2026-30896 HIGH

Qsee Client <=1.0.1 - DLL Hijacking

CVE-2026-3787 HIGH

UltraVNC 1.6.4.0 - Path Traversal

CVE-2026-28712 MEDIUM

Acronis Cyber Protect 17 <41186 - Privilege Escalation

CVE-2026-28711 MEDIUM

Acronis Cyber Protect 17 - Privilege Escalation

CVE-2026-29610 HIGH

OpenClaw <2026.2.14 - Command Injection

CVE-2026-28456 HIGH

OpenClaw 2026.1.5-2026.2.14 - Code Injection

CVE-2026-22270 MEDIUM

Dell PowerScale OneFS <9.10.1.6/9.11.0.0-9.12.0.1 - Privilege Escal...

CVE-2026-24502 HIGH

Dell Command | Intel vPro <4.7.0 - Privilege Escalation

CVE-2026-25191 HIGH

FinalCode Client - DLL Hijacking

CVE-2026-3091 MEDIUM

Synology Presto Client <2.1.3-0672 - DLL Hijacking

CVE-2026-21420 HIGH

Dell Repository Manager <3.4.8 - Privilege Escalation

CVE-2026-2492 HIGH

TensorFlow HDF5 Library - Privilege Escalation

CVE-2026-2040 HIGH

PDF-XChange Editor - Privilege Escalation

CVE-2026-26099 MEDIUM

Owl opds 2.2.0.4 - Path Traversal

CVE-2026-26098 MEDIUM

Owl opds 2.2.0.4 - Path Traversal

CVE-2026-26097 MEDIUM

Owl opds 2.2.0.4 - Path Traversal

CVE-2026-26050 HIGH

RICOH Job Log Tool <1.3.7 - DLL Hijacking

Previous Page 2 of 46 Next

Details

Vulnerabilities 1,133

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy