Weaknesses of type CWE-426
282 resultsCVE-2023-21764HIGHMicrosoft Exchange Server Elevation of Privilege VulnerabilityEPSS 0.6%CVE-2023-29790HIGHkodbox 1.2.x through 1.3.7 has a Sensitive Information Leakage issue.EPSS 0.6%CVE-2025-49457CRITICALZoom Clients for Windows - Untrusted Search PathEPSS 0.5%CVE-2020-10733—The Windows installer for PostgreSQL 9.5 - 12 invokes system-provided executables that do not have fully-qualified paths. Executables in theEPSS 0.5%CVE-2025-65078CRITICALUntrusted search path vulnerability in Embedded Solutions FrameworkEPSS 0.5%CVE-2025-4971HIGHBroadcom Automic Automation Agent Unix privilege escalationEPSS 0.5%CVE-2024-53407LOWIn Phiewer 4.1.0, a dylib injection leads to Command Execution which allow attackers to inject dylib file potentially leading to remote contEPSS 0.5%CVE-2023-26038MEDIUMZoneMinder contains Local File Inclusion vulnerability via `web/ajax/modal.php`EPSS 0.5%CVE-2025-26155CRITICALNCP Secure Enterprise Client 13.18 and NCP Secure Entry Windows Client 13.19 have an Untrusted Search Path vulnerability.EPSS 0.5%CVE-2026-25190HIGHWindows GDI Remote Code Execution VulnerabilityEPSS 0.5%CVE-2023-4736HIGHUntrusted Search Path in vim/vimEPSS 0.5%CVE-2018-10874HIGHIn ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacEPSS 0.5%CVE-2024-43576HIGHMicrosoft Office Remote Code Execution VulnerabilityEPSS 0.5%CVE-2024-3220LOWDefault mimetype known files writeable on WindowsEPSS 0.5%CVE-2021-37617HIGHUntrusted Search Path in Nextcloud Desktop ClientEPSS 0.5%CVE-2026-42830MEDIUMAzure Monitor Agent Metrics Extension Elevation of Privilege VulnerabilityEPSS 0.5%CVE-2023-23920MEDIUMAn untrusted search path vulnerability exists in Node.js. <19.6.1, <18.14.1, <16.19.1, and <14.21.3 that could allow an attacker to search aEPSS 0.5%CVE-2021-36297HIGHSupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability that allows attackers to load an arbitrary .dll filEPSS 0.5%CVE-2020-7315MEDIUMDLL Injection vulnerability in MA for WindowsEPSS 0.5%CVE-2023-40590HIGHUntrusted search path on Windows systems leading to arbitrary code executionEPSS 0.5%