Medium severity6.7NVD Advisory· Published Apr 28, 2026· Updated Apr 28, 2026
CVE-2026-7280
CVE-2026-7280
Description
AVACAST developed by eMPIA Technology has a Unquoted Service Path vulnerability, allowing privileged local attackers to place a malicious executable file in a specific directory, resulting in arbitrary code execution with system privileges when the AVACAST service starts.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.