CVE-2026-6421 | Mobatek MobaXterm Home Edition up to 26.1 msimg32.dll uncontrolled search path

A vulnerability marked as problematic has been reported in Mobatek MobaXterm Home Edition up to 26.1. This affects an unknown part in the library msimg32.dll. The manipulation leads to uncontrolled search path.

This vulnerability is traded as CVE-2026-6421. An attack has to be approached locally. Furthermore, there is an exploit available.

It is suggested to upgrade the affected component.

The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.

CVE-2026-6421 | Mobatek MobaXterm Home Edition up to 26.1 msimg32.dll uncontrolled search path

Post correlati

CVE-2025-3771 | Trellix System Information Reporter 1.0.3 link following

CVE-2023-53626 | Linux Kernel up to 5.4.237/5.10.175/5.15.103/6.1.20/6.2.7 ext4 privilege escalation

CVE-2022-50240 | Linux Kernel up to 5.10.153 munmap use after free

CVE-2022-20663 | Cisco Secure Network Analytics Web-based Management Interface cross site scripting (cisco-sa-sna-xss-NXOxDhRQ)