CVE-2026-36574

HIGH

Wassimulator CactusViewer 2.3.0 - DLL Hijacking

Title source: llm

Description

A DLL hijacking vulnerability in Wassimulator (GitHub) CactusViewer v2.3.0 allows attackers to escalate privileges and execute arbitrary code via a crafted DLL.

References (4)

Core 4

Core References

https://github.com/Wassimulator/CactusViewer/issues/65

https://github.com/Wassimulator/CactusViewer

https://github.com/Wassimulator/CactusViewer/releases/download/v2.3.0/CactusViewer.exe

https://github.com/openlabs/docker-wkhtmltopdf-aas/issues/36

Scores

CVSS v3 7.8

EPSS 0.0014

EPSS Percentile 3.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-427

Status published

Published Jun 03, 2026

Tracked Since Jun 03, 2026