ByteOS Network

NVD Vulnerability Details :

CVE-2026-25191

Awaiting Analysis

Source-vultures@jpcert.or.jp

Published At-26 Feb, 2026 | 06:17

Updated At-27 Feb, 2026 | 14:06

The installer of FinalCode Client provided by Digital Arts Inc. contains an issue with the DLL search path. If a user is directed to place a malicious DLL file and the installer to the same directory and execute the installer, arbitrary code may be executed with the installer's execution privilege.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	4.0	8.4	HIGH	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary	3.0	7.8	HIGH	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Type: Secondary

Version: 4.0

Base score: 8.4

Base severity: HIGH

Vector:

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Type: Secondary

Version: 3.0

Base score: 7.8

Base severity: HIGH

Vector:

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Weaknesses

CWE ID	Type	Source
CWE-427	Primary	vultures@jpcert.or.jp

CWE ID: CWE-427

Type: Primary

Source: vultures@jpcert.or.jp

References

Hyperlink	Source	Resource
https://jvn.jp/en/jp/JVN48498976/	vultures@jpcert.or.jp	N/A
https://www.daj.jp/shared/php/downloadset/c/parts.php?page=dl&filename=information_20260226_01.pdf	vultures@jpcert.or.jp	N/A

Hyperlink: https://jvn.jp/en/jp/JVN48498976/

Source: vultures@jpcert.or.jp

Resource: N/A

Hyperlink: https://www.daj.jp/shared/php/downloadset/c/parts.php?page=dl&filename=information_20260226_01.pdf

Source: vultures@jpcert.or.jp

Resource: N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History