CVE-2026-3796

MEDIUM 5.3

Qi-ANXIN QAX Virus Removal Mini Filter Driver QKSecureIO_Imp.sys ZwTerminateProcess access control

CVSS Score

5.3

EPSS Score

0.0%

EPSS Percentile

0th

A weakness has been identified in Qi-ANXIN QAX Virus Removal up to 2025-10-22. The affected element is the function ZwTerminateProcess in the library QKSecureIO_Imp.sys of the component Mini Filter Driver. Executing a manipulation can lead to improper access controls. The attack is restricted to local execution. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

CWE	CWE-284 CWE-266
Vendor	qi-anxin
Product	qax virus removal
Published	Mar 9, 2026
Last Updated	Mar 10, 2026

Stay Ahead of the Next One

Get instant alerts for qi-anxin qax virus removal

Be the first to know when new medium vulnerabilities affecting qi-anxin qax virus removal are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

Qi-ANXIN / QAX Virus Removal

2025-10-22

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/?id.349763 vuldb.com: https://vuldb.com/?ctiid.349763 vuldb.com: https://vuldb.com/?submit.758991 github.com: https://github.com/cwjchoi01/FocusKiller github.com: https://github.com/cwjchoi01/FocusKiller/tree/main/FocusKiller

Credits

🔍 jonathan126 (VulDB User) VulDB