{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-28704", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "state": "PUBLISHED", "assignerShortName": "jpcert", "dateReserved": "2026-04-03T00:18:56.790Z", "datePublished": "2026-04-10T05:49:59.632Z", "dateUpdated": "2026-04-10T14:03:26.770Z"}, "containers": {"cna": {"affected": [{"vendor": "Japan Computer Emergency Response Team Coordination Center (JPCERT/CC)", "product": "Emocheck", "versions": [{"version": "all versions", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "Emocheck insecurely loads Dynamic Link Libraries (DLLs). If a crafted DLL file is placed to the same directory, an arbitrary code may be executed with the privilege of the user invoking EmoCheck."}], "problemTypes": [{"descriptions": [{"description": "Uncontrolled Search Path Element", "lang": "en-US", "cweId": "CWE-427", "type": "CWE"}]}], "references": [{"url": "https://www.jpcert.or.jp/press/2026/PR20260410.html"}, {"url": "https://github.com/JPCERTCC/EmoCheck/"}, {"url": "https://jvn.jp/en/jp/JVN00263243/"}], "tags": ["unsupported-when-assigned"], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_0": {"version": "3.0", "baseSeverity": "HIGH", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}}, {"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV4_0": {"version": "4.0", "baseSeverity": "HIGH", "baseScore": 8.4, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2026-04-10T05:49:59.632Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-10T14:03:19.904597Z", "id": "CVE-2026-28704", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-10T14:03:26.770Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-28704", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-10T14:03:19.904597Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-10T14:03:23.314Z"}}], "cna": {"tags": ["unsupported-when-assigned"], "metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"version": "4.0", "baseScore": 8.4, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "Japan Computer Emergency Response Team Coordination Center (JPCERT/CC)", "product": "Emocheck", "versions": [{"status": "affected", "version": "all versions"}]}], "references": [{"url": "https://www.jpcert.or.jp/press/2026/PR20260410.html"}, {"url": "https://github.com/JPCERTCC/EmoCheck/"}, {"url": "https://jvn.jp/en/jp/JVN00263243/"}], "descriptions": [{"lang": "en", "value": "Emocheck insecurely loads Dynamic Link Libraries (DLLs). If a crafted DLL file is placed to the same directory, an arbitrary code may be executed with the privilege of the user invoking EmoCheck."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-427", "description": "Uncontrolled Search Path Element"}]}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2026-04-10T05:49:59.632Z"}}}, "cveMetadata": {"cveId": "CVE-2026-28704", "state": "PUBLISHED", "dateUpdated": "2026-04-10T14:03:26.770Z", "dateReserved": "2026-04-03T00:18:56.790Z", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "datePublished": "2026-04-10T05:49:59.632Z", "assignerShortName": "jpcert"}, "dataVersion": "5.2"}

{"cveTags": [{"sourceIdentifier": "vultures@jpcert.or.jp", "tags": ["unsupported-when-assigned"]}], "descriptions": [{"lang": "en", "value": "Emocheck insecurely loads Dynamic Link Libraries (DLLs). If a crafted DLL file is placed to the same directory, an arbitrary code may be executed with the privilege of the user invoking EmoCheck."}], "id": "CVE-2026-28704", "lastModified": "2026-04-10T07:16:21.023", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "vultures@jpcert.or.jp", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "vultures@jpcert.or.jp", "type": "Secondary"}]}, "published": "2026-04-10T07:16:21.023", "references": [{"source": "vultures@jpcert.or.jp", "url": "https://github.com/JPCERTCC/EmoCheck/"}, {"source": "vultures@jpcert.or.jp", "url": "https://jvn.jp/en/jp/JVN00263243/"}, {"source": "vultures@jpcert.or.jp", "url": "https://www.jpcert.or.jp/press/2026/PR20260410.html"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-427"}], "source": "vultures@jpcert.or.jp", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,*]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Emocheck", "source": "cna", "vendor": "Japan Computer Emergency Response Team Coordination Center (JPCERT/CC)"}, "product": "emocheck", "vendor": "japan_computer_emergency_response_team_coordination_center_(jpcert/cc)"}], "analysis": {"en": {"generated_at": "2026-04-10T07:51:01.461937+00:00", "value": {"mitigation_remediation": ["Obtain and install the latest EmoCheck patch or upgrade to a version that corrects the DLL loading issue.", "Limit write permissions on the EmoCheck installation and working directories to prevent unauthorized DLL placement.", "Monitor JPCERT/CC for additional advisories or updates regarding this vulnerability."], "summary": {"action": "Apply Patch Immediately", "impact": "Local arbitrary code execution"}, "threat_synthesis": {"affected_systems": "This vulnerability affects the EmoCheck utility distributed by the Japan Computer Emergency Response Team Coordination Center. No specific version numbers were disclosed, so any version of EmoCheck currently in use may be vulnerable until a patch or update is applied.", "description_and_impact": "EmoCheck loads dynamic\u2011link libraries without validating the source of the DLL files it loads. This flaw enables an attacker to craft a malicious DLL and place it in the same directory as the application. When EmoCheck starts, it will load the DLL and execute its code with the privileges of the user running the program, satisfying the conditions for remote code execution via local modification of the DLL search order. The weakness corresponds to CWE\u2011427 and can lead to unintended data disclosure, tampering, or full system compromise if the authenticated user has sufficient rights.", "risk_and_exploitability": "The CVSS score of 8.4 indicates a high impact vulnerability. The EPSS score is not available, so the exact likelihood of automated exploitation is unknown. The attack vector is inferred to be local, requiring an attacker to place a malicious DLL in the application's directory\u2014an action that is quite realistic for users who can write files to that location. The flaw is not listed in the CISA KEV catalog, and no public exploits have been reported, yet the combination of high severity and ease of exploitation warrants immediate attention."}}}}, "created": "2026-04-10T08:35:37.642045+00:00", "title": "DLL Loading Vulnerability Allowing Local Arbitrary Code Execution in EmoCheck", "updated": "2026-04-10T09:26:38.820259+00:00", "vendors": ["japan_computer_emergency_response_team_coordination_center_(jpcert/cc)", "japan_computer_emergency_response_team_coordination_center_(jpcert/cc)$PRODUCT$emocheck"]}