Tag

Installer

1 brief RSS

CVE-2026-3780: Local Privilege Escalation via Untrusted Search Path in Application Installer

An application installer vulnerable to CVE-2026-3780 runs with elevated privileges but resolves system executables and DLLs using an untrusted search path, enabling local privilege escalation by allowing a local attacker to inject malicious binaries.

privilege-escalation cve-2026-3780 untrusted-search-path dll-hijacking installer

2r 1t 1c Apr 1, 2026