Trueconf
Vulnerabilities
2
Known exploited
1
Max CVSS
7.8
Top EPSS
0.0575
Severity breakdown
Critical
0
High
2
Medium
0
Low
0
Affected version ranges
< 8.5.3.884
Also matched as (raw): trueconf
Top vulnerabilities
CVE-2026-3502TrueConf Client downloads application update code and applies it without performing verification. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code execution in the context of the updating process or user.
CVE-2025-66835TrueConf Client 8.5.2 is vulnerable to DLL hijacking via crafted wfapi.dll allowing local attackers to execute arbitrary code within the user's context.