Tag
medium
advisory
Multiple Vulnerabilities in expat XML Parser Library
2 rules 2 TTPsMultiple vulnerabilities have been discovered in the expat XML parser library that can be exploited by a local attacker, potentially leading to a Denial of Service condition or allowing for arbitrary code execution on the affected system.
expat
vulnerability
library
xml
denial-of-service
code-execution
local-exploitation
2r
2t
high
advisory
CVE-2026-25865: Punto Switcher Unquoted Search Path Vulnerability
2 rules 2 TTPsCVE-2026-25865 describes an unquoted search path element vulnerability in Yandex Punto Switcher through version 4.5.0.583, allowing local attackers to execute arbitrary code by placing a malicious `RunDll32.exe` earlier in the system's PATH to hijack the application's insecure `WinExec` call, leading to arbitrary code execution with affected user privileges.
Punto Switcher
privilege-escalation
local-exploitation
windows
software-vulnerability
path-interception
2r
2t