CVE-2026-25865

HIGH NVD

CVSS Score 7.8

Severity HIGH

Published Jun 18, 2026

Vendor unknown

Description

Punto Switcher through 4.5.0.583 contains an unquoted search path element vulnerability that allows local attackers to execute arbitrary code by exploiting the application's call to WinExec without a fully qualified path for RunDll32.exe when invoking shell32.dll Control_RunDLL input.dll. Attackers can place a malicious executable earlier in the search order to achieve arbitrary code execution in the context of the affected user.

References

https://spektion.com/articles/cve-2026-25865-punto-switcher
https://www.vulncheck.com/advisories/punto-switcher-unquoted-search-path-via-winexec
https://yandex.ru/soft/punto