Home

Description

The installers for multiple products provided by PIONEER CORPORATION contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running installer.

PUBLISHED Reserved 2025-12-25 | Published 2026-01-08 | Updated 2026-01-22 | Assigner jpcert




HIGH: 7.8CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

HIGH: 8.5CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

Uncontrolled Search Path Element

Product status

all versions
affected

all versions
affected

all versions
affected

all versions
affected

all versions
affected

all versions
affected

all versions
affected

all versions
affected

all versions
affected

all versions
affected

References

jpn.pioneer/ja/support/software/stellanova/dac_driver/

jvn.jp/en/jp/JVN17956874/

cve.org (CVE-2026-21427)

nvd.nist.gov (CVE-2026-21427)

Download JSON