Unidocs ezPDF DRM Reader/ezPDF Reader SHFOLDER.dll uncontrolled search path

7.3 / 10

HIGH

CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was identified in Unidocs ezPDF DRM Reader and ezPDF Reader 2.0/3.0.0.4 on 32-bit. This affects an unknown part in the library SHFOLDER.dll. Such manipulation leads to uncontrolled search path. The attack needs to be performed locally. Attacks of this nature are highly complex. It is indicated that the exploitability is difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Basic Information

ID CVE-2026-2516

Source VulDB

Published Feb 15, 2026 at 12:02

Affected Product

Vendor Unidocs

Product ezPDF DRM Reader

Version 2.0

Affected Versions Unidocs ezPDF DRM Reader 2.0
Unidocs ezPDF DRM Reader 3.0.0.4
Unidocs ezPDF Reader 2.0
Unidocs ezPDF Reader 3.0.0.4

CWE Classification

CWE-427 CWE-426

References

{
    "lastseen": "",
    "description": "A vulnerability was identified in Unidocs ezPDF DRM Reader and ezPDF Reader 2.0/3.0.0.4 on 32-bit. This affects an unknown part in the library SHFOLDER.dll. Such manipulation leads to uncontrolled search path. The attack needs to be performed locally. Attacks of this nature are highly complex. It is indicated that the exploitability is difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2026-02-15T12:02:06.101Z",
    "modified": "2026-02-15T12:02:06.101Z",
    "type": "cve",
    "title": "Unidocs ezPDF DRM Reader/ezPDF Reader SHFOLDER.dll uncontrolled search path",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.346107\nhttps://vuldb.com/?ctiid.346107\nhttps://vuldb.com/?submit.736172\nhttps://gofile.me/7bU54/ZG47Lh7Yx",
    "id": "CVE-2026-2516",
    "bulletinFamily": "",
    "cwe": [
        "CWE-427",
        "CWE-426"
    ],
    "cvelist": null,
    "sourceData": "Unidocs ezPDF DRM Reader 2.0\nUnidocs ezPDF DRM Reader 3.0.0.4\nUnidocs ezPDF Reader 2.0\nUnidocs ezPDF Reader 3.0.0.4",
    "sourceHref": "",
    "cvss": {
        "score": 7.3,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "ezPDF DRM Reader",
    "version": "2.0",
    "vendor": "Unidocs",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Unidocs ezPDF DRM Reader/ezPDF Reader SHFOLDER.dll uncontrolled search path_CVE-2026-2516