VYPR
High severity7.8NVD Advisory· Published Sep 29, 2022· Updated Jun 17, 2026

CVE-2022-40126

CVE-2022-40126

Description

A misconfiguration in the Service Mode profile directory of Clash for Windows v0.19.9 allows attackers to escalate privileges and execute arbitrary commands when Service Mode is activated.

Affected products

3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.