High severity7.8NVD Advisory· Published Sep 29, 2022· Updated Jun 17, 2026
CVE-2022-40126
CVE-2022-40126
Description
A misconfiguration in the Service Mode profile directory of Clash for Windows v0.19.9 allows attackers to escalate privileges and execute arbitrary commands when Service Mode is activated.
Affected products
3- Clash for Windows/Clash for Windowsdescription
- Range: =0.19.9
- Range: =0.19.9
Patches
Vulnerability mechanics
References
1- github.com/Fndroid/clash_for_windows_pkg/issues/3405nvdExploitIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.