DLL and Shared Library Hijacking Vulnerability in MemProcFS by Ufrisk
CVE-2026-40031

8.5HIGH

Key Information:

Vendor

Ufrisk

Status
Memprocfs
Vendor
CVE Published:
8 April 2026

What is CVE-2026-40031?

MemProcFS versions prior to 5.17 are susceptible to multiple unsafe library loading patterns that present significant security risks. Attackers can exploit this vulnerability by placing a malicious DLL or shared library in the application's working directory or by manipulating the LD_LIBRARY_PATH, leading to arbitrary code execution when MemProcFS loads. This exposure affects various components, including the LoadLibraryU and dlopen calls, which can be leveraged across several attack surfaces, making it imperative for users to upgrade to version 5.17 or later to mitigate these risks.

Affected Version(s)

MemProcFS 0 <= 5.16.12

MemProcFS 5.17

MemProcFS df80e6e83641f5004025ce661e6dd8139028d7b5

References

https://github.com/ufrisk/MemProcFS/releases/tag/v5.17
product
https://github.com/ufrisk/MemProcFS/commit/df80e6e83641f5...
patch
https://mobasi.ai/sentinel
vendor-advisory

CVSS V4

Score:
8.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Mobasi Security Team
.