Home / Vulnerability Intelligence / CVE-2026-3609

CVE-2026-3609 - Vulnerability Analysis

N/a

Last Updated: May 12, 2026

Wellbia XIGNCODE3 - Privilege Escalation

Published: May 11, 2026Updated: May 12, 2026PoC Available

Overview

Wellbia XIGNCODE3 xhunter1.sys kernel driver contains a privilege escalation vulnerability caused by access to IRP_MJ_REITS command interface, letting any user process request PROCESS_ALL_ACCESS, exploit requires local user access.

Severity & Score

Severity: N/a

Impact

Local attackers can escalate privileges to gain full process access, potentially compromising the entire system.

Mitigation

Update to the latest version or apply vendor patches addressing this vulnerability.

References

https://blacksnufkin.github.io/posts/AntiCheat-LPE-CVE-2026-3609/
https://crcert.or.kr

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-3609
Severity: N/a
Type: broken_access_control
Status: unconfirmed

CVSS Metrics

N/A