ByteOS Network

CVE-2019-25741

Assigner-VulnCheck

View Details

Assigner-VulnCheck

CVSS Score-9.3||CRITICAL

EPSS-Not Assigned

Published-04 Jun, 2026 | 13:22

Updated-04 Jun, 2026 | 15:06

Mobatek MobaXterm 12.1 Buffer Overflow via Sessions File

Mobatek MobaXterm 12.1 contains a structured exception handling (SEH) based buffer overflow vulnerability in the username field of session files that allows remote attackers to execute arbitrary code. Attackers can craft a malicious MobaXterm sessions file with overflow data that triggers the vulnerability when imported and executed, enabling reverse shell execution with user privileges.

Vendor-Mobatek

Product-Mobatek MobaXterm

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2026-6421

Assigner-VulDB

View Details

Assigner-VulDB

CVSS Score-7.3||HIGH

EPSS-0.01% / 0.38%

||

7 Day CHG~0.00%

Published-17 Apr, 2026 | 05:45

Updated-22 Apr, 2026 | 20:22

Mobatek MobaXterm Home Edition msimg32.dll uncontrolled search path

A vulnerability has been found in Mobatek MobaXterm Home Edition up to 26.1. This affects an unknown part in the library msimg32.dll. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The attack is considered to have high complexity. It is indicated that the exploitability is difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 26.2 is able to mitigate this issue. It is suggested to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.

Vendor-Mobatek

Product-MobaXterm Home Edition

CWE ID-CWE-426

Untrusted Search Path

CWE ID-CWE-427

Uncontrolled Search Path Element

CVE-2026-25866

Assigner-VulnCheck

View Details

Assigner-VulnCheck

CVSS Score-8.5||HIGH

EPSS-0.02% / 5.50%

||

7 Day CHG~0.00%

Published-09 Mar, 2026 | 15:24

Updated-06 May, 2026 | 14:23

MobaXterm < 26.1 Notepad++ Unquoted Service Path

MobaXterm versions prior to 26.1 contain an uncontrolled search path element vulnerability. The application calls WinExec to execute Notepad++ without a fully qualified executable path when opening remote files. An attacker can exploit the search path behavior by placing a malicious executable earlier in the search order, resulting in arbitrary code execution in the context of the affected user.

Vendor-mobatek Mobatek

Product-mobaxterm MobaXterm

CWE ID-CWE-428

Unquoted Search Path or Element

CVE-2025-0714

Assigner-cirosec GmbH

View Details

Assigner-cirosec GmbH

CVSS Score-6.5||MEDIUM

EPSS-0.04% / 13.67%

||

7 Day CHG~0.00%

Published-17 Feb, 2025 | 11:56

Updated-15 Apr, 2026 | 00:35

Insecure storage of sensitive information in MobaXTerm <25.0.

The vulnerability exists in the password storage of Mobateks MobaXterm in versions below 25.0. MobaXTerm uses an initialisation vector (IV) consisting only of zero bytes and a master key to encrypt each password individually. In the default configuration, on opening MobaXTerm, the user is prompted for their password. A derivative of the password is used as the master key. As both the master key and the IV are the same for each stored password, the AES CFB ciphertext depends only on the plaintext (the password). The static IV and master key make it easier to obtain sensitive information and to decrypt data when it is stored at rest.

Vendor-Mobatek

Product-MobaXterm

CWE ID-CWE-1204

Generation of Weak Initialization Vector (IV)

Mobatek

Source -

BOS Name -

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -