Dark C0d3rs

Dark C0d3rs > Exploit Log > Research Papers/Vulnerability reports > HackerOne Disclosed Reports - 2026-06-05
Full Version: HackerOne Disclosed Reports - 2026-06-05
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

hashXploiter

Yesterday, 12:30 PM
Logo
High
resolved

DLL side-loading vulnerability in Sony Music Center for PC Ver. 2.7.2 (Latest version)


Bug reported by Suphawith Phusanbai was disclosed at June 5, 2026, 9:10 am   |   Uncontrolled Search Path Element

A DLL side-loading vulnerability was discovered in Sony Music Center for PC Ver. 2.7.2. The application insecurely searched for a missing DLL file in the system PATH environment, allowing an attacker with access to the victim's local machine to achieve arbitrary code execution by placing a malicious DLL file in the PATH. The vulnerability was referenced in the MITRE ATT&CK framework.


Dark C0d3rs > Exploit Log > Research Papers/Vulnerability reports > HackerOne Disclosed Reports - 2026-06-05