+- Dark C0d3rs (https://darkcoders.wiki)
+-- Forum: Exploit Log (https://darkcoders.wiki/Forum-Exploit-Log)
+--- Forum: Research Papers/Vulnerability reports (https://darkcoders.wiki/Forum-Research-Papers-Vulnerability-reports)
+--- Thread: HackerOne Disclosed Reports - 2026-06-05 (/Thread-HackerOne-Disclosed-Reports-2026-06-05)
HackerOne disclosed reports - 2026-06-05 - hashXploiter - 06-06-2026
High
resolved
resolved
DLL side-loading vulnerability in Sony Music Center for PC Ver. 2.7.2 (Latest version)
Bug reported by Suphawith Phusanbai was disclosed at June 5, 2026, 9:10 am | Uncontrolled Search Path Element
A DLL side-loading vulnerability was discovered in Sony Music Center for PC Ver. 2.7.2. The application insecurely searched for a missing DLL file in the system PATH environment, allowing an attacker with access to the victim's local machine to achieve arbitrary code execution by placing a malicious DLL file in the PATH. The vulnerability was referenced in the MITRE ATT&CK framework.