CVE-2026-26306
Insecure DLL Loading in OM Workspace Installer Enables Code Execution
Publication date: 2026-03-25
Last updated on: 2026-03-25
Assigner: JPCERT/CC
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| om_digital_solutions_corporation | om_workspace | to 2.4 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-427 | The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-26306 is a vulnerability in the installer for OM Workspace (Windows Edition) version 2.4 and earlier. The issue is caused by the installer insecurely loading Dynamic Link Libraries (DLLs) due to improper control of the DLL search path (CWE-427). If a malicious DLL is placed in the same directory as the installer, the installer may load this malicious DLL instead of the legitimate one.
This flaw allows an attacker to execute arbitrary code with the same privileges as the user running the installer, potentially compromising the system.
How can this vulnerability impact me?
This vulnerability can allow an attacker to execute arbitrary code on your system with the privileges of the user running the OM Workspace installer. Since the installer insecurely loads DLLs, a malicious DLL placed alongside the installer can be loaded and executed.
The impact includes potential full compromise of your system under the user's privileges, which can lead to unauthorized access, data theft, or system manipulation.
The attack requires local access and user interaction, meaning an attacker must trick you into placing the malicious DLL in the installer's directory and running the installer. [1, 2]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by verifying the version of the OM Workspace installer present on your system. Specifically, check if the installer version is 2.4 or earlier, as these versions are affected.
To verify the installer version, right-click the installer file (e.g., OWSetup_64bit.exe), select “Properties,” and then check the “Details” tab for the version information.
Since the vulnerability involves insecure loading of DLLs from the installer's directory, you should also inspect the directory containing the installer for any unexpected or suspicious DLL files that could be malicious.
There are no specific network detection commands or signatures provided in the available information. [1, 2]
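The two checks described above (installer version, then DLLs sitting beside the installer), scripted in PowerShell as an added example that is not vendor tooling or part of the original page. The default download path, the function name and the major.minor comparison against the file version resource are assumptions; the threshold is a parameter so it can be set to match the vendor advisory.

```powershell
# Added example. Defaults below are assumptions; pass your own values as needed.
param(
    # Installer location; the file name is the one mentioned in the answer above.
    [string]$InstallerPath = "$env:USERPROFILE\Downloads\OWSetup_64bit.exe",
    # Highest affected version per the answer above ("2.4 or earlier").
    [version]$MaxAffected = '2.4'
)

function Test-InstallerDirectory {
    param([string]$Path, [version]$MaxAffected)

    $file = Get-Item -LiteralPath $Path -ErrorAction Stop
    $vi   = $file.VersionInfo
    # Compare major.minor only, so a file version of "2.4.0.0" is treated as 2.4.
    $ver  = [version]::new($vi.FileMajorPart, $vi.FileMinorPart)
    $finding = if (-not $vi.FileVersion) { 'No version resource; verify manually' }
               elseif ($ver -le $MaxAffected) { 'Affected version' }
               else { 'Not in affected range' }

    [pscustomobject]@{
        Item      = $file.Name
        Kind      = 'Installer'
        Version   = $vi.FileVersion
        Finding   = $finding
        Signature = (Get-AuthenticodeSignature -LiteralPath $file.FullName).Status
        SHA256    = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash
    }

    # A standalone installer should not need DLLs next to it, so every DLL in
    # its directory (hidden ones included) is listed for review.
    Get-ChildItem -LiteralPath $file.DirectoryName -Filter '*.dll' -File -Force |
        ForEach-Object {
            [pscustomobject]@{
                Item      = $_.Name
                Kind      = 'DLL beside installer'
                Version   = $_.VersionInfo.FileVersion
                Finding   = "Review: last modified $($_.LastWriteTime.ToString('s'))"
                Signature = (Get-AuthenticodeSignature -LiteralPath $_.FullName).Status
                SHA256    = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
            }
        }
}

Test-InstallerDirectory -Path $InstallerPath -MaxAffected $MaxAffected | Format-List
```

A DLL reported with a signature status other than `Valid`, or with a recent modification time in a shared download folder, is the kind of file the answer above says to inspect before running the installer.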
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately update OM Workspace to the latest installer version provided by OM Digital Solutions Corporation, which addresses the DLL search path issue.
Remove any older installer files (version 2.4 or earlier) from your system to prevent accidental execution of vulnerable installers.
You can update OM Workspace via the Help menu within the application or by downloading and reinstalling the latest installer from the official OM Digital Solutions website.
Ensure that no malicious DLL files are present in the same directory as the installer before running it.
If further assistance is needed, contact OM Digital Solutions Customer Support Center.