upKeeper Instant Privilege Access: Malicious Code Can Run As Admin

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

9.0

upKeeper Instant Privilege Access: Malicious Code Can Run As Admin

CVE-2026-2449

Summary

A security flaw in upKeeper Instant Privilege Access allows hackers to inject malicious code that can execute with elevated privileges, potentially leading to unauthorized access and system compromise. This issue affects all versions up to 1.5.0. We recommend updating to the latest version to fix the problem.

Original title

Improper neutralization of argument delimiters in a command ('argument injection') vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Exec...

Original description

nvd CVSS4.0 9.0

Vulnerability type

CWE-88

https://support.upkeeper.se/hc/en-us/articles/26783425404444-CVE-2026-2449-Impro...

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026