{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-14T20:41:48.115","vulnerabilities":[{"cve":{"id":"CVE-2025-32780","sourceIdentifier":"security-advisories@github.com","published":"2025-04-15T17:15:49.997","lastModified":"2025-04-15T18:39:27.967","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"BleachBit cleans files to free disk space and to maintain privacy. BleachBit for Windows up to version 4.6.2 is vulnerable to a DLL Hijacking vulnerability. By placing a malicious DLL with the name uuid.dll in the folder C:\\Users\\<username>\\AppData\\Local\\Microsoft\\WindowsApps\\, an attacker can execute arbitrary code every time BleachBit is run. This issue has been patched in version 4.9.0."},{"lang":"es","value":"BleachBit limpia archivos para liberar espacio en disco y mantener la privacidad. BleachBit para Windows (hasta la versión 4.6.2) es vulnerable a una vulnerabilidad de secuestro de DLL. Al colocar una DLL maliciosa con el nombre uuid.dll en la carpeta C:\\Users\\\\AppData\\Local\\Microsoft\\WindowsApps\\, un atacante puede ejecutar código arbitrario cada vez que se ejecuta BleachBit. Este problema se ha corregido en la versión 4.9.0."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:R\/S:U\/C:H\/I:H\/A:H","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.3,"impactScore":5.9}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-427"}]}],"references":[{"url":"https:\/\/github.com\/bleachbit\/bleachbit\/commit\/dafeba57dcb14c7ec4a97224ff1408f6b0c2a7f8","source":"security-advisories@github.com"},{"url":"https:\/\/github.com\/bleachbit\/bleachbit\/security\/advisories\/GHSA-ghph-v4x4-vr3c","source":"security-advisories@github.com"}]}}]}