Daniel Soriano

**Name of the Vulnerable Software and Affected Versions** Mp3tag versions up to 3.26d **Description** A vulnerability has been found in the library tak deco lib.dll of the component DLL Handler, leading to an uncontrolled search path. The manipulation can be launched on the local host. It is possible to exploit this issue, and the exploit has been disclosed to the public. The vendor was contacted and responded professionally, releasing a fixed version of the affected product. **Recommendations** For Mp3tag versions up to 3.26d, upgrade to version 3.26e to address this issue. As a temporary workaround, consider restricting access to the `tak deco lib.dll` library until the upgrade is applied.