CVE-2025-10198

Description

Sunshine for Windows, version v2025.122.141614, contains a DLL search-order hijacking vulnerability, allowing attackers to insert a malicious DLL in user-writeable PATH directories.

References

https://kb.cert.org/vuls/id/974249

https://www.kb.cert.org/vuls/id/974249

https://github.com/LizardByte/Sunshine/pull/3971

https://github.com/LizardByte/Sunshine/commit/9db11a906167bd962e57896223d7b9718058aeb2

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3

EPSS