CVE-2026-36425
An issue in OPSWAT AppRemover Driver (ardrv.sys) v2017.10.02.1551 and earlier in IOCTL handler 0x2420031. Any local user can open the device
CVSS
—
No CVSS
EPSS
—
KEV
—
Exploit Today
—
0-100
Published: Jul 16, 2026 · Last modified: Jul 16, 2026
Not enough EPSS history yet.
An issue in OPSWAT AppRemover Driver (ardrv.sys) v2017.10.02.1551 and earlier in IOCTL handler 0x2420031. Any local user can open the device and send process termination requests without privilege validation.
- github.comhttps://github.com/redteamfortress/CVE-2026-36425
- www.opswat.comhttps://www.opswat.com/products/oesis-framework/application-removal
- www.virustotal.comhttps://www.virustotal.com/gui/file/07c5209bf83065fe760f4fee4ed2308b0c523671f68ca73a3854c2c8c28c0541
- www.virustotal.comhttps://www.virustotal.com/gui/file/2248347b2ec49f07268a44816ebb6265677093ec277f825de1a76700ab25e3bc
No related CVEs by CWE or product.