High severity7.8NVD Advisory· Published Jan 30, 2026· Updated Apr 15, 2026
CVE-2020-37059
CVE-2020-37059
Description
Popcorn Time 6.2.1.14 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can insert malicious executables in Program Files (x86) or system root directories to be executed with SYSTEM-level permissions during service startup.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: = 6.2.1.14
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.