{"id":"CVE-2022-28128","details":"Untrusted search path vulnerability in AttacheCase ver.3.6.1.0 and earlier allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory.","modified":"2026-04-12T06:00:00.798165Z","published":"2022-03-31T08:15:08.470Z","references":[{"type":"ADVISORY","url":"https://hibara.org/software/attachecase/?lang=en"},{"type":"ADVISORY","url":"https://jvn.jp/en/jp/JVN10140834/index.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/hibara/attachecase3","events":[{"introduced":"0"},{"last_affected":"de785708abbead93b01e0b0975d8257ad6a23f4c"}],"database_specific":{"cpe":"cpe:2.3:a:hibara:attachecase:*:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"introduced":"0"},{"last_affected":"3.6.1.0"}]}}],"versions":["v3.5.1.0","v3.5.2.0","v3.5.3.0","v3.5.4.0","v3.5.4.1","v3.6.0.0","v3.6.1.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-28128.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}