Unrated severityNVD Advisory· Published Sep 9, 2025· Updated Jan 20, 2026

LizardBytes Sunshine for Windows contains a DLL search-order hijacking vulnerability

CVE-2025-10198

Description

Sunshine for Windows, version v2025.122.141614, contains a DLL search-order hijacking vulnerability, allowing attackers to insert a malicious DLL in user-writeable PATH directories.

Affected products

Lizardbyte/Sunshinellm-fuzzy
Range: = v2025.122.141614
LizardByte/Sunshine for Windowsv5
Range: v2025.122.141614

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/LizardByte/Sunshine/commit/9db11a906167bd962e57896223d7b9718058aeb2mitre
github.com/LizardByte/Sunshine/pull/3971mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000