CVE-2026-44469
HIGH NVDCVSS Score
7.8
Severity
HIGH
Source
NVD
Published
May 26, 2026
Description
The affected product extracts installation files to a temporary directory with incorrect default permissions during administrative installation. A low-privileged local attacker can exploit a TOCTOU race condition with a practical time window to replace verified files with malicious ones before installation, resulting in local privilege escalation.