CVE-2026-11967
Arbitrary code execution in MobaXterm Personal Edition (Portable)
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 8.5EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Ciclo de vida
12 jun 2026Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
MobaXterm Personal Edition (Portable), in its 26.3 version (Build 5154), allows arbitrary code execution by loading a malicious DLL located in the same directory as the portable executable. Because the application automatically loads the winspool.drv library from that location during startup, an attacker with local access can place a specially crafted DLL alongside the executable to be executed when the victim launches the application.
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Produtos afetados
Mobatek · MobaXterm Personal Edition (Portable)Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →