Description

MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and shared-library hijacking across six attack surfaces, including bare-name LoadLibraryU and dlopen calls without path qualification for vmmpyc, libMSCompression, and plugin DLLs. An attacker who places a malicious DLL or shared library in the working directory or manipulates LD_LIBRARY_PATH can achieve arbitrary code execution when MemProcFS loads.

INFO

Published Date :

2026-04-08T21:35:26.293Z

Last Modified :

2026-05-08T14:07:22.373Z

Source :

VulnCheck
AFFECTED PRODUCTS

The following products are affected by CVE-2026-40031 vulnerability.

Vendors Products
Ufrisk
  • Memprocfs
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-40031.

URL Resource
https://github.com/ufrisk/MemProcFS/commit/df80e6e83641f5004025ce661e6dd8139028d7b5 cve-icon cve-icon
https://github.com/ufrisk/MemProcFS/releases/tag/v5.17 cve-icon cve-icon
https://mobasi.ai/sentinel cve-icon cve-icon
https://www.vulncheck.com/advisories/memprocfs-dll-shared-library-hijacking cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact