CVE-2025-36515

Published: Mag 12, 2026 Last Modified: Mag 12, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 5,4

Source: [email protected]

Attack Vector: local

Attack Complexity: high

Privileges Required: low

User Interaction: active

Confidentiality: N/A

Integrity: N/A

Availability: N/A

Description

AI Translation Available

Uncontrolled search path for some AI Playground software before version 3.0.0 alpha within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

427

Uncontrolled Search Path Element

Draft

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Integrity Availability

Potential Impacts:

Execute Unauthorized Code Or Commands

Applicable Platforms

All platforms may be affected

View CWE Details

https://intel.com/content/www/us/en/security-center/advisor…

https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01438.html

CVE-2025-36515

Description

Uncontrolled Search Path Element

Common Consequences

Applicable Platforms

Iscriviti alla newsletter