Vulnerability-Lookup

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

Full-Text Search

Vendor

Product

Assigner

Sources

Sort by

Order

Apply ordering (override relevance)

1 vulnerability by VS Revo

CVE-2026-12193 (GCVE-0-2026-12193)

Vulnerability from cvelistv5 – Published: 2026-06-14 23:30 – Updated: 2026-06-15 12:49

Title

VS Revo RevoUninstaller IOCTL RevoDetector.sys IOCtl_Handler heap-based overflow

Summary

A vulnerability was identified in VS Revo RevoUninstaller 2.5.x/2.6.x. The affected element is the function IOCtl_Handler in the library RevoDetector.sys of the component IOCTL Handler. Such manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. Upgrading to version 2.7.0 is sufficient to fix this issue. It is recommended to upgrade the affected component.

Severity

8.5 (High)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-122 - Heap-based Buffer Overflow
CWE-119 - Memory Corruption

Assigner

VulDB

References

10 references

URL	Tags
https://vuldb.com/vuln/370839	vdb-entrytechnical-description
https://vuldb.com/vuln/370839/cti	signaturepermissions-required
https://vuldb.com/cve/CVE-2026-12193	third-party-advisory
https://vuldb.com/submit/829132	third-party-advisory
https://vuldb.com/submit/829133	third-party-advisory
https://jordanhiggins.blog/revouninstaller-pool-o…	broken-linkexploit
https://github.com/Kalagious/RevoDetectorExploit/…	exploit
https://www.revouninstaller.com/start-freeware-do…	patch
https://vandalsuidaho-my.sharepoint.com/:w:/g/per…	related
https://youtu.be/JR0KPjWRTns?si=Ff2bUDvv3butJyfP	media-coverage

Impacted products

1 product

Vendor	Product	Version
VS Revo	RevoUninstaller	Affected: 2.5.* Affected: 2.6.* Unaffected: 2.7.0 cpe:2.3:a:vs_revo:revouninstaller::::::::

Credits

Jordanhiggins (VulDB User)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-12193",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-15T12:49:46.059575Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-15T12:49:56.243Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:vs_revo:revouninstaller:*:*:*:*:*:*:*:*"
          ],
          "modules": [
            "IOCTL Handler"
          ],
          "product": "RevoUninstaller",
          "vendor": "VS Revo",
          "versions": [
            {
              "status": "affected",
              "version": "2.5.*"
            },
            {
              "status": "affected",
              "version": "2.6.*"
            },
            {
              "status": "unaffected",
              "version": "2.7.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Jordanhiggins (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was identified in VS Revo RevoUninstaller 2.5.x/2.6.x. The affected element is the function IOCtl_Handler in the library RevoDetector.sys of the component IOCTL Handler. Such manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. Upgrading to version 2.7.0 is sufficient to fix this issue. It is recommended to upgrade the affected component."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 6.8,
            "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "Memory Corruption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-14T23:30:14.771Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-370839 | VS Revo RevoUninstaller IOCTL RevoDetector.sys IOCtl_Handler heap-based overflow",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/vuln/370839"
        },
        {
          "name": "VDB-370839 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/vuln/370839/cti"
        },
        {
          "name": "CVE-2026-12193 | CVE Analysis and Report",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/cve/CVE-2026-12193"
        },
        {
          "name": "Submit #829132 | VS REVO GROUP RevoUninstaller \u003c2.7.0   \u003e2.5.0 Heap-based Buffer Overflow",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/829132"
        },
        {
          "name": "Submit #829133 | VS REVO GROUP RevoUninstaller \u003c2.7.0   \u003e2.5.0 Heap-based Buffer Overflow (Duplicate)",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/829133"
        },
        {
          "tags": [
            "broken-link",
            "exploit"
          ],
          "url": "https://jordanhiggins.blog/revouninstaller-pool-overflow-exploit/"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/Kalagious/RevoDetectorExploit/tree/master"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.revouninstaller.com/start-freeware-download/"
        },
        {
          "tags": [
            "related"
          ],
          "url": "https://vandalsuidaho-my.sharepoint.com/:w:/g/personal/higg2059_vandals_uidaho_edu/IQAMHgdfpRAkSqDsoFVswIYNAXjPVFz-admcJyl5ITzYhu0?e=4Ywwza"
        },
        {
          "tags": [
            "media-coverage"
          ],
          "url": "https://youtu.be/JR0KPjWRTns?si=Ff2bUDvv3butJyfP"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-06-14T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2026-06-14T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2026-06-14T09:00:40.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "VS Revo RevoUninstaller IOCTL RevoDetector.sys IOCtl_Handler heap-based overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2026-12193",
    "datePublished": "2026-06-14T23:30:14.771Z",
    "dateReserved": "2026-06-14T06:54:09.764Z",
    "dateUpdated": "2026-06-15T12:49:56.243Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Search criteria ⓘ Use this form to refine search results. Full-text search supports keyword queries with ranking and filtering. You can combine vendor, product, and sources to narrow results. Enable “Apply ordering” to sort by date instead of relevance.

1 vulnerability by VS Revo

CVE-2026-12193 (GCVE-0-2026-12193)

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.