Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.4
FinalCode Client Installer Allows Malicious DLL Execution
CVE-2026-25191
Summary
The FinalCode Client installer from Digital Arts Inc. has a flaw that allows a malicious DLL file to run with installer privileges if placed in the same directory. This means that if an attacker tricks a user into installing the software from a compromised directory, they may gain elevated access to the system. To fix this, ensure that the installer is run from a trusted location and avoid installing software from unverified sources.
Original title
The installer of FinalCode Client provided by Digital Arts Inc. contains an issue with the DLL search path. If a user is directed to place a malicious DLL file and the installer to the same directo...
Original description
The installer of FinalCode Client provided by Digital Arts Inc. contains an issue with the DLL search path. If a user is directed to place a malicious DLL file and the installer to the same directory and execute the installer, arbitrary code may be executed with the installer's execution privilege.
nvd CVSS3.0
7.8
nvd CVSS4.0
8.4
Vulnerability type
CWE-427
Uncontrolled Search Path Element
Published: 26 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026