HIGHCVE-2026-40031Published 2026-04-08Modified 2026-05-08CNA VulnCheck

CVE-2026-40031: MemProcFS < 5.17 DLL/Shared Library Hijacking

MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and shared-library hijacking across six attack surfaces, including bare-name LoadLibraryU and dlopen calls without path qualification for vmmpyc, libMSCompression, and plugin DLLs. An attacker who places a malicious DLL or shared library in the working directory or manipulates LD_LIBRARY_PATH can achieve arbitrary code execution when MemProcFS loads.

CVSS v4.0: 8.5
Severity: HIGH
Fixed in: 5.17.0
Affected Products: 1

Fix available

5.17.0df80e6e83641f5004025ce661e6dd8139028d7b5

Patch commits

Patch Commit

Affected packages

ufrisk / MemProcFS
≤ 5.16.12
Fixed in 5.17.0, df80e6e83641f5004025ce661e6dd8139028d7b5

CVSS Vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

References

Release Notes
Patch Commit
Mobasi Sentinel Vulnerability Index
VulnCheck Advisory: MemProcFS < 5.17 DLL/Shared Library Hijacking

Metrics

Fix available