CVE-2025-10198

Description

Sunshine for Windows, version v2025.122.141614, contains a DLL search-order hijacking vulnerability, allowing attackers to insert a malicious DLL in user-writeable PATH directories.

PUBLISHED Reserved 2025-09-09 | Published 2025-09-09 | Updated 2025-09-10 | Assigner certcc

Problem types

CWE-427 Uncontrolled Search Path Element

Product status

References

github.com/LizardByte/Sunshine/pull/3971

cve.org (CVE-2025-10198)

nvd.nist.gov (CVE-2025-10198)

Download JSON