A vulnerability classified as critical was found in Qi-ANXIN QAX Virus Removal up to 2025-10-22. The affected element is the function ZwTerminateProcess in the library QKSecureIO_Imp.sys of the component Mini Filter Driver. Executing a manipulation can lead to improper access controls.

This vulnerability is tracked as CVE-2026-3796. The attack is restricted to local execution. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.