VYPR
High severity7.8NVD Advisory· Published Apr 8, 2026· Updated Apr 17, 2026

CVE-2026-40031

CVE-2026-40031

Description

MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and shared-library hijacking across six attack surfaces, including bare-name LoadLibraryU and dlopen calls without path qualification for vmmpyc, libMSCompression, and plugin DLLs. An attacker who places a malicious DLL or shared library in the working directory or manipulates LD_LIBRARY_PATH can achieve arbitrary code execution when MemProcFS loads.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Ufrisk/Memprocfs2 versions
    cpe:2.3:a:ufrisk:memprocfs:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ufrisk:memprocfs:*:*:*:*:*:*:*:*range: <5.17
    • (no CPE)range: <5.17

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.

CVE-2026-40031 · High · VYPR