High severity7.0NVD Advisory· Published Feb 15, 2026· Updated Apr 29, 2026

CVE-2026-2516

Description

A vulnerability was identified in Unidocs ezPDF DRM Reader and ezPDF Reader 2.0/3.0.0.4. This affects an unknown part in the library SHFOLDER.dll. Such manipulation leads to uncontrolled search path. The attack needs to be performed locally. Attacks of this nature are highly complex. It is indicated that the exploitability is difficult. The exploit is publicly available and might be used. Upgrading the affected component is recommended. The vendor explains: "[W]e have already addressed similar DLL search path vulnerability patterns through prior security updates. (...) Users are advised to use the latest version provided by the vendor."

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.unidocs.com/programs/ezPDF_DRM_Reader/nvd
gofile.me/7bU54/ZG47Lh7Yxnvd
vuldb.com/submit/736172nvd
vuldb.com/vuln/346107nvd
vuldb.com/vuln/346107/ctinvd

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000