Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

CVE-2026-8363: WOSDeviceDropFolder.dll URL Path Overflow

CVE-2026-8363

Summary

A Windows component can crash or behave unexpectedly if it encounters a very long URL path. This can happen if a user or application sends a specially crafted URL to the affected component. To mitigate this risk, ensure that any custom URL paths are kept short and do not exceed recommended lengths.

Original title

A stack-based buffer overflow condition exists in WOSDeviceDropFolder.dll when processing a long URL path starting with /resources:

Original description

A stack-based buffer overflow condition exists in WOSDeviceDropFolder.dll when processing a long URL path starting with /resources:

nvd CVSS3.1 9.8

Vulnerability type

CWE-121 Stack-based Buffer Overflow

https://www.tenable.com/security/research/TRA-2026-45

Published: 27 May 2026 · Updated: 28 May 2026 · First seen: 27 May 2026