CVE-2026-4415
published 2026-03-30CVE-2026-4415: Gigabyte Control Center developed by GIGABYTE has an Arbitrary File Write vulnerability. When the pairing feature is enabled, unauthenticated remote attackers…
PriorityP265critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.65%
46.6th percentile
Gigabyte Control Center developed by GIGABYTE has an Arbitrary File Write vulnerability. When the pairing feature is enabled, unauthenticated remote attackers can write arbitrary files to any location on the underlying operating system, leading to arbitrary code execution or privilege escalation.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | guacamole | — | — |
| gigabyte | control_center | < 25.12.10.01 | 25.12.10.01 |
| gigabyte | gigabyte_control_center | <= 25.07.21.01 | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv4.09.2CRITICALCVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vendor_apache7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-hvj3-h37v-8xmq: Gigabyte Control Center developed by GIGABYTE has an Arbitrary File Write vulnerability
ghsa_unreviewed·2026-03-30
CVE-2026-4415 [CRITICAL] CWE-23 GHSA-hvj3-h37v-8xmq: Gigabyte Control Center developed by GIGABYTE has an Arbitrary File Write vulnerability
Gigabyte Control Center developed by GIGABYTE has an Arbitrary File Write vulnerability. When the pairing feature is enabled, unauthenticated remote attackers can write arbitrary files to any location on the underlying operating system, leading to arbitrary code execution or privilege escalation.
Apache
Apache guacamole: CVE-2012-4415
vendor_apache·CVSS 7.5
CVE-2012-4415 [HIGH] Apache guacamole: CVE-2012-4415
Apache guacamole: CVE-2012-4415
A stack-based buffer overflow vulnerability was discovered in the guac_client_plugin_open() function in libguac in Guacamole before 0.6.3 which could allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long protocol name. Acknowledgements: We would like to thank Timo Juhani Lindfors for reporting this issue. Copyright © 2026 The Apache Software Foundation , Licensed under the Apache License, Version 2.0 . Apache Guacamole, Guacamole, Apache, the Apache oak leaf logo, and the Apache Guacamole project logo are trademarks or registered trademarks of The Apache Software Foundation.
Affected versions: 0.6.3
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-03-30
Published