Stack-based Buffer Overflow in WOSDeviceDropFolder.dll by Vendor
CVE-2026-8363

9.8CRITICAL

Key Information:

Vendor: Gladinet
Status: Triofox
Vendor: CVE Published:; 27 May 2026

What is CVE-2026-8363?

A vulnerability exists in the WOSDeviceDropFolder.dll component that can lead to a stack-based buffer overflow when processing overly long URL paths prefixed with /resources. This can potentially allow an attacker to execute arbitrary code or disrupt system operations, significantly compromising the integrity of affected systems. Mitigating this vulnerability requires immediate attention to ensure that URL inputs are properly validated.

Affected Version(s)

Triofox 0 < 17.3.10565.57509

References

https://www.tenable.com/security/research/TRA-2026-45

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 27, 2026
Vulnerability Reserved
May 11, 2026

CVE-2026-8363 Data

JSON

Gladinet

What is CVE-2026-8363?

Affected Version(s)

References

CVSS V3.1

Timeline