Home / Vulnerability Intelligence / CVE-2026-25676

CVE-2026-25676 - Vulnerability Analysis

HighCVSS: 7.8

Last Updated: February 12, 2026

M-Track Duo HD - Remote Code Execution & Privilege Escalation

Published: February 12, 2026Updated: February 12, 2026PoC Available

Overview

M-Track Duo HD 1.0.0 contains a DLL search path vulnerability caused by insecure DLL loading, letting attackers execute arbitrary code with administrator privileges, exploit requires local execution.

Severity & Score

Severity: High

CVSS Score: 7.8

EPSS Score: 1.4%(Probability of exploitation in next 30 days)

Impact

Attackers can execute arbitrary code with administrator privileges, leading to full system compromise.

Mitigation

Update to the latest version with fixed DLL search path handling.

References

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Feb 12, 2026

🟠 CVE-2026-25676 - High (7.8) The installer of M-Track Duo HD version 1.0.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrator privileges. 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25676/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

GitHub Repositories(1 repo)

https://github.com/Nexxus67/cve-2026-25676

Related Resources

Details

CVE ID: CVE-2026-25676
Severity: High
CVSS Score: 7.8
Type: undefined
Status: unconfirmed
EPSS: 1.4%
Social Posts: 1

CWE

CWE-427

CVSS Metrics

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

1.4%Probability of exploitation in the next 30 days