CVE-2026-12201 PUBLISHED

A flaw has been found in IObit Malware Fighter up to 13.2.0. Affected by this vulnerability is an unknown functionality of the component DLL Handler. This manipulation causes permission issues. The attack requires local access. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

• nathan2 (VulDB User) reporter
• VulDB CNA Team coordinator

• VDB-370844 | IObit Malware Fighter DLL permission
• VDB-370844 | CTI Indicators (IOB, IOC, TTP)
• CVE-2026-12201 | CVE Analysis and Report
• Submit #829913 | IObit Malware Fighter 13.2.0 Insecure Permissions in Driver
• https://github.com/nasawyer7/IObitDriverav
• https://nathan2.com/posts/iobit/

• Permission Issues CWE
• Incorrect Privilege Assignment CWE