Local Privilege Escalation Vulnerability in Glarysoft Glary Utilities
CVE-2026-15684

7.3HIGH

Key Information:

Vendor

Glarysoft

Vendor
CVE Published:
13 July 2026

What is CVE-2026-15684?

The vulnerability in Glarysoft Glary Utilities stems from a flaw in the Disk Clean functionality that enables local attackers to exploit the system. By creating a junction, an attacker can use this vulnerability to delete arbitrary files and escalate their privileges, allowing for arbitrary code execution at the SYSTEM level. This exploit requires the attacker to have already executed low-privileged code on the target system.

Affected Version(s)

Glary Utilities 6.24.0.28

References

CVSS V3.0

Score:
7.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.