VYPR
High severity7.3OSV Advisory· Published Apr 15, 2025· Updated Apr 15, 2026

CVE-2025-32780

CVE-2025-32780

Description

BleachBit cleans files to free disk space and to maintain privacy. BleachBit for Windows up to version 4.6.2 is vulnerable to a DLL Hijacking vulnerability. By placing a malicious DLL with the name uuid.dll in the folder C:\Users\\AppData\Local\Microsoft\WindowsApps\, an attacker can execute arbitrary code every time BleachBit is run. This issue has been patched in version 4.9.0.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Bleachbit/BleachbitOSV2 versions
    v1.0, v1.1, v1.10, …+ 1 more
    • (no CPE)range: v1.0, v1.1, v1.10, …
    • (no CPE)range: <=4.6.2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.