CWE-266
AllowedIncorrect Privilege Assignment
Abstraction: Base · Status: Draft
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
1913 vulnerabilities reference this CWE, most recent first.
CVE-2026-13511 (GCVE-0-2026-13511)
Vulnerability from cvelistv5 – Published: 2026-06-28 22:30 – Updated: 2026-06-29 12:59| URL | Tags |
|---|---|
| https://vuldb.com/vuln/374519 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/374519/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-13511 | third-party-advisory |
| https://vuldb.com/submit/838873 | third-party-advisory |
| https://github.com/VoltAgent/voltagent/issues/1315 | exploitissue-tracking |
| https://github.com/VoltAgent/voltagent/pull/1317 | issue-trackingpatch |
| https://github.com/VoltAgent/voltagent/ | product |
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | VoltAgent |
Affected:
2.1.0
Affected: 2.1.1 Affected: 2.1.2 Affected: 2.1.3 Affected: 2.1.4 Affected: 2.1.5 Affected: 2.1.6 Affected: 2.1.7 Affected: 2.1.8 Affected: 2.1.9 Affected: 2.1.10 Affected: 2.1.11 Affected: 2.1.12 Affected: 2.1.13 Affected: 2.1.14 Affected: 2.1.15 Affected: 2.1.16 Affected: 2.1.17 cpe:2.3:a:voltagent:voltagent:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-13511",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-29T12:59:51.199975Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-29T12:59:59.436Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:voltagent:voltagent:*:*:*:*:*:*:*:*"
],
"modules": [
"Memory REST API"
],
"product": "VoltAgent",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2.1.0"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.1.3"
},
{
"status": "affected",
"version": "2.1.4"
},
{
"status": "affected",
"version": "2.1.5"
},
{
"status": "affected",
"version": "2.1.6"
},
{
"status": "affected",
"version": "2.1.7"
},
{
"status": "affected",
"version": "2.1.8"
},
{
"status": "affected",
"version": "2.1.9"
},
{
"status": "affected",
"version": "2.1.10"
},
{
"status": "affected",
"version": "2.1.11"
},
{
"status": "affected",
"version": "2.1.12"
},
{
"status": "affected",
"version": "2.1.13"
},
{
"status": "affected",
"version": "2.1.14"
},
{
"status": "affected",
"version": "2.1.15"
},
{
"status": "affected",
"version": "2.1.16"
},
{
"status": "affected",
"version": "2.1.17"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Dem000000 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in VoltAgent up to 2.1.17. Affected by this issue is the function handleGetMemoryConversation of the file packages/server-core/src/handlers/memory.handlers.ts of the component Memory REST API. Executing a manipulation of the argument conversationId can lead to improper authorization. The attack may be performed from remote. This attack is characterized by high complexity. The exploitation is known to be difficult. The exploit has been publicly disclosed and may be utilized. The pull request to fix this issue awaits acceptance."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 2.1,
"vectorString": "AV:N/AC:H/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-28T22:30:11.528Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-374519 | VoltAgent Memory REST API memory.handlers.ts handleGetMemoryConversation improper authorization",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/374519"
},
{
"name": "VDB-374519 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/374519/cti"
},
{
"name": "CVE-2026-13511 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-13511"
},
{
"name": "Submit #838873 | VoltAgent 2.1.17 Improper Authorization",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/838873"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/VoltAgent/voltagent/issues/1315"
},
{
"tags": [
"issue-tracking",
"patch"
],
"url": "https://github.com/VoltAgent/voltagent/pull/1317"
},
{
"tags": [
"product"
],
"url": "https://github.com/VoltAgent/voltagent/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-28T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-28T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-28T08:34:01.000Z",
"value": "VulDB entry last update"
}
],
"title": "VoltAgent Memory REST API memory.handlers.ts handleGetMemoryConversation improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-13511",
"datePublished": "2026-06-28T22:30:11.528Z",
"dateReserved": "2026-06-28T06:28:57.591Z",
"dateUpdated": "2026-06-29T12:59:59.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-12823 (GCVE-0-2026-12823)
Vulnerability from cvelistv5 – Published: 2026-06-21 23:45 – Updated: 2026-07-03 04:05| URL | Tags |
|---|---|
| https://vuldb.com/vuln/372613 | vdb-entry |
| https://vuldb.com/vuln/372613/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-12823 | third-party-advisory |
| https://vuldb.com/submit/837600 | third-party-advisory |
| https://github.com/NARKHEDE-VAIBHAV/poc/blob/main… | exploit |
| https://github.com/NARKHEDE-VAIBHAV/poc/blob/main… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| Browserbase | Skills |
Affected:
20260526
cpe:2.3:a:browserbase:skills:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-12823",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-23T14:02:23.565503Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-23T14:19:20.365Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:browserbase:skills:*:*:*:*:*:*:*:*"
],
"modules": [
"Autobrowse Trace Artifact Handler"
],
"product": "Skills",
"vendor": "Browserbase",
"versions": [
{
"status": "affected",
"version": "20260526"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "vaibhavnarkhede (VulDB User)"
},
{
"lang": "en",
"type": "analyst",
"value": "vaibhavnarkhede (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in Browserbase Skills up to 20260526. This impacts an unknown function of the component Autobrowse Trace Artifact Handler. The manipulation results in incorrect default permissions. The attack requires a local approach. The exploit has been released to the public and may be used for attacks. The first version of the CVE listed Browserbase itself as affected product. This was incorrect as this issue does affect browserbase/skills instead. The vendor was contacted early about this disclosure."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1.7,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-03T04:05:07.713Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-372613 | Browserbase Skills Autobrowse Trace Artifact default permission",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/372613"
},
{
"name": "VDB-372613 | CTI Indicators (IOB, IOC, TTP)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/372613/cti"
},
{
"name": "CVE-2026-12823 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-12823"
},
{
"name": "Submit #837600 | Browserbase Browserbase Skills latest main branch prior to fix (tested May 2026) Information Disclosure / Insecure File Permissions",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/837600"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/NARKHEDE-VAIBHAV/poc/blob/main/CVE-2026-12823%20-%20Browserbase%20Skills%20Autobrowse%20Trace%20Artifact%20Insecure%20File%20Permissions/Advisory.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/NARKHEDE-VAIBHAV/poc/blob/main/CVE-2026-12823%20-%20Browserbase%20Skills%20Autobrowse%20Trace%20Artifact%20Insecure%20File%20Permissions/poc.sh"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-21T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-21T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-07-03T06:09:55.000Z",
"value": "VulDB entry last update"
}
],
"title": "Browserbase Skills Autobrowse Trace Artifact default permission"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-12823",
"datePublished": "2026-06-21T23:45:08.247Z",
"dateReserved": "2026-06-21T13:17:40.650Z",
"dateUpdated": "2026-07-03T04:05:07.713Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-12799 (GCVE-0-2026-12799)
Vulnerability from cvelistv5 – Published: 2026-06-21 10:00 – Updated: 2026-06-22 16:17| URL | Tags |
|---|---|
| https://vuldb.com/vuln/372561 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/372561/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-12799 | third-party-advisory |
| https://vuldb.com/submit/811291 | third-party-advisory |
| https://gist.github.com/YLChen-007/3ace22e33e468d… | exploit |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-12799",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-22T16:16:34.425795Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T16:17:02.857Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://vuldb.com/submit/811291"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:litellm:litellm:*:*:*:*:*:*:*:*"
],
"modules": [
"Incomplete Fix CVE-2025-0628"
],
"product": "litellm",
"vendor": "BerriAI",
"versions": [
{
"status": "affected",
"version": "1.82.0"
},
{
"status": "affected",
"version": "1.82.1"
},
{
"status": "affected",
"version": "1.82.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Eric-d (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in BerriAI litellm up to 1.82.2. Affected by this issue is the function ui_view_users of the file litellm/proxy/management_endpoints/internal_user_endpoints.py of the component Incomplete Fix CVE-2025-0628. Such manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-21T10:00:08.928Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-372561 | BerriAI litellm Incomplete Fix CVE-2025-0628 internal_user_endpoints.py ui_view_users improper authorization",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/372561"
},
{
"name": "VDB-372561 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/372561/cti"
},
{
"name": "CVE-2026-12799 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-12799"
},
{
"name": "Submit #811291 | litellm \u003c= 1.82.2 Exposure of Sensitive Information to an Unauthorized Actor (CWE-200)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/811291"
},
{
"tags": [
"exploit"
],
"url": "https://gist.github.com/YLChen-007/3ace22e33e468d0166fe609c9fdf4184"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-20T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-20T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-20T19:17:42.000Z",
"value": "VulDB entry last update"
}
],
"title": "BerriAI litellm Incomplete Fix CVE-2025-0628 internal_user_endpoints.py ui_view_users improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-12799",
"datePublished": "2026-06-21T10:00:08.928Z",
"dateReserved": "2026-06-20T17:12:23.228Z",
"dateUpdated": "2026-06-22T16:17:02.857Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-12786 (GCVE-0-2026-12786)
Vulnerability from cvelistv5 – Published: 2026-06-21 07:15 – Updated: 2026-06-22 13:37| URL | Tags |
|---|---|
| https://vuldb.com/vuln/372528 | vdb-entry |
| https://vuldb.com/vuln/372528/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-12786 | third-party-advisory |
| https://vuldb.com/submit/835614 | third-party-advisory |
| https://winslow1984.com/books/cve-collection/page… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| Ezbsystems | UltraISO Premium Edition |
Affected:
9.0
Affected: 9.1 Affected: 9.2 Affected: 9.3 Affected: 9.4 Affected: 9.5 Affected: 9.6 Affected: 9.7 Affected: 9.8 Affected: 9.9 Affected: 9.10 Affected: 9.11 Affected: 9.12 Affected: 9.13 Affected: 9.14 Affected: 9.15 Affected: 9.16 Affected: 9.17 Affected: 9.18 Affected: 9.19 Affected: 9.20 Affected: 9.21 Affected: 9.22 Affected: 9.23 Affected: 9.24 Affected: 9.25 Affected: 9.26 Affected: 9.27 Affected: 9.28 Affected: 9.29 Affected: 9.30 Affected: 9.31 Affected: 9.32 Affected: 9.33 Affected: 9.34 Affected: 9.35 Affected: 9.36 Affected: 9.37 Affected: 9.38 Affected: 9.39 Affected: 9.40 Affected: 9.41 Affected: 9.42 Affected: 9.43 Affected: 9.44 Affected: 9.45 Affected: 9.46 Affected: 9.47 Affected: 9.48 Affected: 9.49 Affected: 9.50 Affected: 9.51 Affected: 9.52 Affected: 9.53 Affected: 9.54 Affected: 9.55 Affected: 9.56 Affected: 9.57 Affected: 9.58 Affected: 9.59 Affected: 9.60 Affected: 9.61 Affected: 9.62 Affected: 9.63 Affected: 9.64 Affected: 9.65 Affected: 9.66 Affected: 9.67 Affected: 9.68 Affected: 9.69 Affected: 9.70 Affected: 9.71 Affected: 9.72 Affected: 9.73 Affected: 9.74 Affected: 9.75 Affected: 9.76 cpe:2.3:a:ezbsystems:ultraiso_premium_edition:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-12786",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-22T13:36:48.924481Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T13:37:02.522Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ezbsystems:ultraiso_premium_edition:*:*:*:*:*:*:*:*"
],
"modules": [
"Kernel Driver"
],
"product": "UltraISO Premium Edition",
"vendor": "Ezbsystems",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "9.1"
},
{
"status": "affected",
"version": "9.2"
},
{
"status": "affected",
"version": "9.3"
},
{
"status": "affected",
"version": "9.4"
},
{
"status": "affected",
"version": "9.5"
},
{
"status": "affected",
"version": "9.6"
},
{
"status": "affected",
"version": "9.7"
},
{
"status": "affected",
"version": "9.8"
},
{
"status": "affected",
"version": "9.9"
},
{
"status": "affected",
"version": "9.10"
},
{
"status": "affected",
"version": "9.11"
},
{
"status": "affected",
"version": "9.12"
},
{
"status": "affected",
"version": "9.13"
},
{
"status": "affected",
"version": "9.14"
},
{
"status": "affected",
"version": "9.15"
},
{
"status": "affected",
"version": "9.16"
},
{
"status": "affected",
"version": "9.17"
},
{
"status": "affected",
"version": "9.18"
},
{
"status": "affected",
"version": "9.19"
},
{
"status": "affected",
"version": "9.20"
},
{
"status": "affected",
"version": "9.21"
},
{
"status": "affected",
"version": "9.22"
},
{
"status": "affected",
"version": "9.23"
},
{
"status": "affected",
"version": "9.24"
},
{
"status": "affected",
"version": "9.25"
},
{
"status": "affected",
"version": "9.26"
},
{
"status": "affected",
"version": "9.27"
},
{
"status": "affected",
"version": "9.28"
},
{
"status": "affected",
"version": "9.29"
},
{
"status": "affected",
"version": "9.30"
},
{
"status": "affected",
"version": "9.31"
},
{
"status": "affected",
"version": "9.32"
},
{
"status": "affected",
"version": "9.33"
},
{
"status": "affected",
"version": "9.34"
},
{
"status": "affected",
"version": "9.35"
},
{
"status": "affected",
"version": "9.36"
},
{
"status": "affected",
"version": "9.37"
},
{
"status": "affected",
"version": "9.38"
},
{
"status": "affected",
"version": "9.39"
},
{
"status": "affected",
"version": "9.40"
},
{
"status": "affected",
"version": "9.41"
},
{
"status": "affected",
"version": "9.42"
},
{
"status": "affected",
"version": "9.43"
},
{
"status": "affected",
"version": "9.44"
},
{
"status": "affected",
"version": "9.45"
},
{
"status": "affected",
"version": "9.46"
},
{
"status": "affected",
"version": "9.47"
},
{
"status": "affected",
"version": "9.48"
},
{
"status": "affected",
"version": "9.49"
},
{
"status": "affected",
"version": "9.50"
},
{
"status": "affected",
"version": "9.51"
},
{
"status": "affected",
"version": "9.52"
},
{
"status": "affected",
"version": "9.53"
},
{
"status": "affected",
"version": "9.54"
},
{
"status": "affected",
"version": "9.55"
},
{
"status": "affected",
"version": "9.56"
},
{
"status": "affected",
"version": "9.57"
},
{
"status": "affected",
"version": "9.58"
},
{
"status": "affected",
"version": "9.59"
},
{
"status": "affected",
"version": "9.60"
},
{
"status": "affected",
"version": "9.61"
},
{
"status": "affected",
"version": "9.62"
},
{
"status": "affected",
"version": "9.63"
},
{
"status": "affected",
"version": "9.64"
},
{
"status": "affected",
"version": "9.65"
},
{
"status": "affected",
"version": "9.66"
},
{
"status": "affected",
"version": "9.67"
},
{
"status": "affected",
"version": "9.68"
},
{
"status": "affected",
"version": "9.69"
},
{
"status": "affected",
"version": "9.70"
},
{
"status": "affected",
"version": "9.71"
},
{
"status": "affected",
"version": "9.72"
},
{
"status": "affected",
"version": "9.73"
},
{
"status": "affected",
"version": "9.74"
},
{
"status": "affected",
"version": "9.75"
},
{
"status": "affected",
"version": "9.76"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "winslow1984 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Ezbsystems UltraISO Premium Edition up to 9.76. Affected by this issue is some unknown functionality in the library bootpt64.sys of the component Kernel Driver. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.8,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-21T07:15:07.752Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-372528 | Ezbsystems UltraISO Premium Edition Kernel Driver bootpt64.sys access control",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/372528"
},
{
"name": "VDB-372528 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/372528/cti"
},
{
"name": "CVE-2026-12786 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-12786"
},
{
"name": "Submit #835614 | UltraISO Premium Edition Kernel Driver bootpt64.sys 9.76 Local Privilege Escapation",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/835614"
},
{
"tags": [
"exploit"
],
"url": "https://winslow1984.com/books/cve-collection/page/ultraiso-premium-976-kernel-driver-bootpt64sys-local-privilege-escalation"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-20T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-20T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-20T11:59:15.000Z",
"value": "VulDB entry last update"
}
],
"title": "Ezbsystems UltraISO Premium Edition Kernel Driver bootpt64.sys access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-12786",
"datePublished": "2026-06-21T07:15:07.752Z",
"dateReserved": "2026-06-20T09:54:11.353Z",
"dateUpdated": "2026-06-22T13:37:02.522Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-12784 (GCVE-0-2026-12784)
Vulnerability from cvelistv5 – Published: 2026-06-21 07:00 – Updated: 2026-06-22 18:12| URL | Tags |
|---|---|
| https://vuldb.com/vuln/372524 | vdb-entry |
| https://vuldb.com/vuln/372524/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-12784 | third-party-advisory |
| https://vuldb.com/submit/835613 | third-party-advisory |
| https://winslow1984.com/books/cve-collection/page… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| IM-Magic | Partition Resizer |
Affected:
7.0
Affected: 7.1 Affected: 7.2 Affected: 7.3 Affected: 7.4 Affected: 7.5 Affected: 7.6 Affected: 7.7 Affected: 7.8 Affected: 7.9.0 cpe:2.3:a:im-magic:partition_resizer:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-12784",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-22T18:06:49.836208Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T18:12:25.717Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:im-magic:partition_resizer:*:*:*:*:*:*:*:*"
],
"modules": [
"Kernel Driver"
],
"product": "Partition Resizer",
"vendor": "IM-Magic",
"versions": [
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.9.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "winslow1984 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A weakness has been identified in IM-Magic Partition Resizer up to 7.9.0. This affects an unknown function in the library MDA_NTDRV.sys of the component Kernel Driver. This manipulation causes improper access controls. The attack requires local access. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.8,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-21T07:00:07.040Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-372524 | IM-Magic Partition Resizer Kernel Driver MDA_NTDRV.sys access control",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/372524"
},
{
"name": "VDB-372524 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/372524/cti"
},
{
"name": "CVE-2026-12784 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-12784"
},
{
"name": "Submit #835613 | IM-Magic Partition Resizer Kernel Driver MDA_NTDRV.sys 7.9.0 Local Privilege Escapation",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/835613"
},
{
"tags": [
"exploit"
],
"url": "https://winslow1984.com/books/cve-collection/page/im-magic-partition-resizer-790-kernel-driver-mda-ntdrvsys-local-privilege-escalation"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-20T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-20T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-20T11:46:45.000Z",
"value": "VulDB entry last update"
}
],
"title": "IM-Magic Partition Resizer Kernel Driver MDA_NTDRV.sys access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-12784",
"datePublished": "2026-06-21T07:00:07.040Z",
"dateReserved": "2026-06-20T09:41:41.728Z",
"dateUpdated": "2026-06-22T18:12:25.717Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-12782 (GCVE-0-2026-12782)
Vulnerability from cvelistv5 – Published: 2026-06-21 06:00 – Updated: 2026-06-23 02:44| URL | Tags |
|---|---|
| https://vuldb.com/vuln/372523 | vdb-entry |
| https://vuldb.com/vuln/372523/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-12782 | third-party-advisory |
| https://vuldb.com/submit/835612 | third-party-advisory |
| https://winslow1984.com/books/cve-collection/page… | exploit |
| https://www.easeus.com/partition-manager/ | patch |
| Vendor | Product | Version | |
|---|---|---|---|
| EaseUS | Partition Master |
Affected:
14.0
Affected: 14.1 Affected: 14.2 Affected: 14.3 Affected: 14.4 Affected: 14.5 cpe:2.3:a:easeus:partition_master:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-12782",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-23T02:43:56.232731Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-23T02:44:08.532Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:easeus:partition_master:*:*:*:*:*:*:*:*"
],
"modules": [
"Kernel Driver"
],
"product": "Partition Master",
"vendor": "EaseUS",
"versions": [
{
"status": "affected",
"version": "14.0"
},
{
"status": "affected",
"version": "14.1"
},
{
"status": "affected",
"version": "14.2"
},
{
"status": "affected",
"version": "14.3"
},
{
"status": "affected",
"version": "14.4"
},
{
"status": "affected",
"version": "14.5"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "winslow1984 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in EaseUS Partition Master up to 14.5. The impacted element is an unknown function in the library EUEDKEPM.sys of the component Kernel Driver. The manipulation results in improper access controls. The attack requires a local approach. The exploit has been released to the public and may be used for attacks. The affected component should be upgraded. The vendor explains: \"We have confirmed that this issue was present only in older versions of the product. Our product has since been updated, and the issue has been resolved in the latest version, so it no longer exists.\""
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.8,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-21T06:00:10.299Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-372523 | EaseUS Partition Master Kernel Driver EUEDKEPM.sys access control",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/372523"
},
{
"name": "VDB-372523 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/372523/cti"
},
{
"name": "CVE-2026-12782 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-12782"
},
{
"name": "Submit #835612 | EaseUS Partition Master Kernel Driver EUEDKEPM.sys 14.5 Local Privilege Escapation",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/835612"
},
{
"tags": [
"exploit"
],
"url": "https://winslow1984.com/books/cve-collection/page/easeus-partition-master-145-kernel-driver-euedkepmsys-local-privilege-escalation"
},
{
"tags": [
"patch"
],
"url": "https://www.easeus.com/partition-manager/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-20T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-20T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-20T11:45:11.000Z",
"value": "VulDB entry last update"
}
],
"title": "EaseUS Partition Master Kernel Driver EUEDKEPM.sys access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-12782",
"datePublished": "2026-06-21T06:00:10.299Z",
"dateReserved": "2026-06-20T09:39:50.652Z",
"dateUpdated": "2026-06-23T02:44:08.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-12781 (GCVE-0-2026-12781)
Vulnerability from cvelistv5 – Published: 2026-06-21 05:45 – Updated: 2026-06-22 10:57| URL | Tags |
|---|---|
| https://vuldb.com/vuln/372522 | vdb-entry |
| https://vuldb.com/vuln/372522/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-12781 | third-party-advisory |
| https://vuldb.com/submit/835611 | third-party-advisory |
| https://winslow1984.com/books/cve-collection/page… | exploit |
| https://www.easeus.com/partition-manager/ | patch |
| Vendor | Product | Version | |
|---|---|---|---|
| EaseUS | Partition Master |
Affected:
14.0
Affected: 14.1 Affected: 14.2 Affected: 14.3 Affected: 14.4 Affected: 14.5 cpe:2.3:a:easeus:partition_master:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-12781",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-22T10:56:48.314457Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T10:57:03.648Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:easeus:partition_master:*:*:*:*:*:*:*:*"
],
"modules": [
"Kernel Driver"
],
"product": "Partition Master",
"vendor": "EaseUS",
"versions": [
{
"status": "affected",
"version": "14.0"
},
{
"status": "affected",
"version": "14.1"
},
{
"status": "affected",
"version": "14.2"
},
{
"status": "affected",
"version": "14.3"
},
{
"status": "affected",
"version": "14.4"
},
{
"status": "affected",
"version": "14.5"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "winslow1984 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was identified in EaseUS Partition Master up to 14.5. The affected element is an unknown function in the library epmntdrv.sys of the component Kernel Driver. The manipulation leads to improper access controls. The attack needs to be performed locally. The exploit is publicly available and might be used. You should upgrade the affected component. The vendor explains: \"We have confirmed that this issue was present only in older versions of the product. Our product has since been updated, and the issue has been resolved in the latest version, so it no longer exists.\""
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.8,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-21T05:45:07.032Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-372522 | EaseUS Partition Master Kernel Driver epmntdrv.sys access control",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/372522"
},
{
"name": "VDB-372522 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/372522/cti"
},
{
"name": "CVE-2026-12781 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-12781"
},
{
"name": "Submit #835611 | EaseUS Partition Master Kernel Driver epmntdrv.sys 14.5 Local Privilege Escapation",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/835611"
},
{
"tags": [
"exploit"
],
"url": "https://winslow1984.com/books/cve-collection/page/easeus-partition-master-145-kernel-driver-epmntdrvsys-local-privilege-escalation"
},
{
"tags": [
"patch"
],
"url": "https://www.easeus.com/partition-manager/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-20T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-20T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-20T11:45:08.000Z",
"value": "VulDB entry last update"
}
],
"title": "EaseUS Partition Master Kernel Driver epmntdrv.sys access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-12781",
"datePublished": "2026-06-21T05:45:07.032Z",
"dateReserved": "2026-06-20T09:39:48.265Z",
"dateUpdated": "2026-06-22T10:57:03.648Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-12780 (GCVE-0-2026-12780)
Vulnerability from cvelistv5 – Published: 2026-06-21 05:30 – Updated: 2026-06-22 16:13| URL | Tags |
|---|---|
| https://vuldb.com/vuln/372521 | vdb-entry |
| https://vuldb.com/vuln/372521/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-12780 | third-party-advisory |
| https://vuldb.com/submit/835609 | third-party-advisory |
| https://winslow1984.com/books/cve-collection/page… | exploit |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-12780",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-22T16:12:11.602552Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T16:13:04.211Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:aomei:backupper:*:*:*:*:*:*:*:*"
],
"modules": [
"Kernel Driver"
],
"product": "Backupper",
"vendor": "AOMEI",
"versions": [
{
"status": "affected",
"version": "8.0"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "8.2"
},
{
"status": "affected",
"version": "8.3.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "winslow1984 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in AOMEI Backupper up to 8.3.0. Impacted is an unknown function in the library amwrtdrv.sys of the component Kernel Driver. Executing a manipulation can lead to improper access controls. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.8,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-21T05:30:08.835Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-372521 | AOMEI Backupper Kernel Driver amwrtdrv.sys access control",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/372521"
},
{
"name": "VDB-372521 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/372521/cti"
},
{
"name": "CVE-2026-12780 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-12780"
},
{
"name": "Submit #835609 | AOMEI AOMEI Backupper Kernel Driver amwrtdrv.sys 8.3.0 Local Privilege Escapation",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/835609"
},
{
"tags": [
"exploit"
],
"url": "https://winslow1984.com/books/cve-collection/page/aomei-backupper-830-kernel-driver-amwrtdrvsys-local-privilege-escalation"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-20T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-20T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-20T11:41:22.000Z",
"value": "VulDB entry last update"
}
],
"title": "AOMEI Backupper Kernel Driver amwrtdrv.sys access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-12780",
"datePublished": "2026-06-21T05:30:08.835Z",
"dateReserved": "2026-06-20T09:36:11.510Z",
"dateUpdated": "2026-06-22T16:13:04.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-12779 (GCVE-0-2026-12779)
Vulnerability from cvelistv5 – Published: 2026-06-21 05:15 – Updated: 2026-06-22 17:19| URL | Tags |
|---|---|
| https://vuldb.com/vuln/372520 | vdb-entry |
| https://vuldb.com/vuln/372520/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-12779 | third-party-advisory |
| https://vuldb.com/submit/835608 | third-party-advisory |
| https://winslow1984.com/books/cve-collection/page… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| AOMEI | Dynamic Disk Manager |
Affected:
10.10.0
Affected: 10.10.1 cpe:2.3:a:aomei:dynamic_disk_manager:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-12779",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-22T17:19:41.625705Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T17:19:50.713Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:aomei:dynamic_disk_manager:*:*:*:*:*:*:*:*"
],
"modules": [
"Kernel Driver"
],
"product": "Dynamic Disk Manager",
"vendor": "AOMEI",
"versions": [
{
"status": "affected",
"version": "10.10.0"
},
{
"status": "affected",
"version": "10.10.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "winslow1984 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in AOMEI Dynamic Disk Manager up to 10.10.1. This issue affects some unknown processing in the library ddmdrv.sys of the component Kernel Driver. Performing a manipulation results in improper access controls. The attack must be initiated from a local position. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.8,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-21T05:15:07.936Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-372520 | AOMEI Dynamic Disk Manager Kernel Driver ddmdrv.sys access control",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/372520"
},
{
"name": "VDB-372520 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/372520/cti"
},
{
"name": "CVE-2026-12779 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-12779"
},
{
"name": "Submit #835608 | AOMEI AOMEI Dynamic Disk Manager Kernel Driver ddmdrv.sys 10.10.1 Local Privilege Escapation",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/835608"
},
{
"tags": [
"exploit"
],
"url": "https://winslow1984.com/books/cve-collection/page/aomei-dynamic-disk-manager-10101-kernel-driver-ddmdrvsys-local-privilege-escalation"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-20T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-20T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-20T11:41:19.000Z",
"value": "VulDB entry last update"
}
],
"title": "AOMEI Dynamic Disk Manager Kernel Driver ddmdrv.sys access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-12779",
"datePublished": "2026-06-21T05:15:07.936Z",
"dateReserved": "2026-06-20T09:36:08.901Z",
"dateUpdated": "2026-06-22T17:19:50.713Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-12778 (GCVE-0-2026-12778)
Vulnerability from cvelistv5 – Published: 2026-06-21 05:00 – Updated: 2026-06-22 13:33| URL | Tags |
|---|---|
| https://vuldb.com/vuln/372519 | vdb-entry |
| https://vuldb.com/vuln/372519/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-12778 | third-party-advisory |
| https://vuldb.com/submit/835607 | third-party-advisory |
| https://winslow1984.com/books/cve-collection/page… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| AOMEI | Partition Assistant |
Affected:
10.10.0
Affected: 10.10.1 cpe:2.3:a:aomei:partition_assistant:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-12778",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-22T13:33:32.271119Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T13:33:40.193Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:aomei:partition_assistant:*:*:*:*:*:*:*:*"
],
"modules": [
"Kernel Driver"
],
"product": "Partition Assistant",
"vendor": "AOMEI",
"versions": [
{
"status": "affected",
"version": "10.10.0"
},
{
"status": "affected",
"version": "10.10.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "winslow1984 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in AOMEI Partition Assistant up to 10.10.1. This vulnerability affects unknown code in the library ampa10.sys of the component Kernel Driver. Such manipulation leads to improper access controls. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.8,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-21T05:00:08.462Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-372519 | AOMEI Partition Assistant Kernel Driver ampa10.sys access control",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/372519"
},
{
"name": "VDB-372519 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/372519/cti"
},
{
"name": "CVE-2026-12778 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-12778"
},
{
"name": "Submit #835607 | AOMEI AOMEI Partition Assistant Kernel Driver ampa10.sys 10.10.1 Local Privilege Escapation",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/835607"
},
{
"tags": [
"exploit"
],
"url": "https://winslow1984.com/books/cve-collection/page/aomei-partition-assistant-10101-kernel-driver-ampa10sys-local-privilege-escalation"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-20T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-20T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-20T11:41:16.000Z",
"value": "VulDB entry last update"
}
],
"title": "AOMEI Partition Assistant Kernel Driver ampa10.sys access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-12778",
"datePublished": "2026-06-21T05:00:08.462Z",
"dateReserved": "2026-06-20T09:36:06.162Z",
"dateUpdated": "2026-06-22T13:33:40.193Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-17
Strategy: Environment Hardening
Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
No CAPEC attack patterns related to this CWE.