Home

Description

The installer for OM Workspace (Windows Edition) Ver 2.4 and earlier insecurely loads Dynamic Link Libraries (DLLs), which could allow an attacker to execute arbitrary code with the privileges of the user invoking the installer.

PUBLISHED Reserved 2026-03-12 | Published 2026-03-25 | Updated 2026-03-25 | Assigner jpcert




HIGH: 7.8CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

HIGH: 8.4CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

Uncontrolled Search Path Element

Product status

Ver 2.4 and earlier
affected

References

support.jp.omsystem.com/...rt/imsg/digicamera/info/omws.html

jvn.jp/en/jp/JVN19505323/

cve.org (CVE-2026-26306)

nvd.nist.gov (CVE-2026-26306)

Download JSON