CVE-2026-40031

HIGH 7.8

MemProcFS < 5.17 DLL/Shared Library Hijacking

CVSS Score

7.8

EPSS Score

0.0%

EPSS Percentile

2th

MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and shared-library hijacking across six attack surfaces, including bare-name LoadLibraryU and dlopen calls without path qualification for vmmpyc, libMSCompression, and plugin DLLs. An attacker who places a malicious DLL or shared library in the working directory or manipulates LD_LIBRARY_PATH can achieve arbitrary code execution when MemProcFS loads.

CWE	CWE-427
Vendor	ufrisk
Product	memprocfs
Published	Apr 8, 2026
Last Updated	Apr 9, 2026

Stay Ahead of the Next One

Get instant alerts for ufrisk memprocfs

Be the first to know when new high vulnerabilities affecting ufrisk memprocfs are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

ufrisk / MemProcFS

0 ≤ 5.16.12

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/ufrisk/MemProcFS/releases/tag/v5.17 github.com: https://github.com/ufrisk/MemProcFS/commit/df80e6e83641f5004025ce661e6dd8139028d7b5 mobasi.ai: https://mobasi.ai/sentinel vulncheck.com: https://www.vulncheck.com/advisories/memprocfs-dll-shared-library-hijacking

Credits

Mobasi Security Team