Skip to main content

Hcl Traveler For Microsoft Outlook Htmo

1 CVEs product

Monthly

CVE-2026-21770 MEDIUM PATCH This Month

DLL hijacking in HCL Traveler for Microsoft Outlook (HTMO) permits a local, high-privileged attacker to replace or plant a malicious DLL in a directory searched by the application at load time, enabling arbitrary code execution within the HTMO process context. The CVSS vector (AV:L/AC:L/PR:H/UI:R) confirms the attack is constrained to local access with elevated privileges and requires a user to trigger application load, substantially limiting real-world exploitability despite the full C/I/A:H impact ratings. No public exploit code and no CISA KEV listing have been identified at time of analysis.

Information Disclosure Microsoft Hcl Traveler For Microsoft Outlook Htmo
NVD VulDB
CVSS 3.1
6.5
EPSS
0.1%
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

DLL hijacking in HCL Traveler for Microsoft Outlook (HTMO) permits a local, high-privileged attacker to replace or plant a malicious DLL in a directory searched by the application at load time, enabling arbitrary code execution within the HTMO process context. The CVSS vector (AV:L/AC:L/PR:H/UI:R) confirms the attack is constrained to local access with elevated privileges and requires a user to trigger application load, substantially limiting real-world exploitability despite the full C/I/A:H impact ratings. No public exploit code and no CISA KEV listing have been identified at time of analysis.

Information Disclosure Microsoft Hcl Traveler For Microsoft Outlook Htmo
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy