Critical severity9.8NVD Advisory· Published Jan 8, 2026· Updated Apr 15, 2026

CVE-2019-25268

Description

NREL BEopt 2.8.0.0 contains a DLL hijacking vulnerability that allows attackers to load arbitrary libraries by tricking users into opening application files from remote shares. Attackers can exploit insecure library loading of sdl2.dll and libegl.dll by placing malicious libraries on WebDAV or SMB shares to execute unauthorized code.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cxsecurity.com/issue/WLB-2019030108nvd
exchange.xforce.ibmcloud.com/vulnerabilities/158065nvd
packetstormsecurity.com/files/152043nvd
web.archive.org/web/20190915095657/https://beopt.nrel.gov/nvd
www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5513.phpnvd

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000