CVE-2026-3091 – Synology Presto Client DLL Injection Vulnerability

CVE ID : CVE-2026-3091

Published : Feb. 24, 2026, 2:31 a.m. | 34 minutes ago

Description : An uncontrolled search path element vulnerability in Synology Presto Client before 2.1.3-0672 allows local users to read or write arbitrary files during installation by placing a malicious DLL in advance in the same directory as the installer.

Severity: 6.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-3068 – itsourcecode Document Management System deluser.php sql injection

CVE-2026-3067 – HummerRisk Archive Extraction CommandUtils.java extractZip path traversal

CVE-2026-3066 – HummerRisk Cloud Compliance Scanning PlatformUtils.java fixedCommand command injection

CVE-2026-27461 – Pimcore vulnerable to SQL injection via unsanitized filter value in Dependency Dao RLIKE clause