Krzysiek Pawlik

**Name of the Vulnerable Software and Affected Versions** XnView version 1.70 NView version 4.51 **Description** The issue is related to an untrusted search path vulnerability, specifically an RPATH vulnerability, which allows local users to execute arbitrary code. This can be achieved by placing a malicious library in the current working directory. **Recommendations** For XnView version 1.70, update to a version that fixes the RPATH vulnerability. For NView version 4.51, update to a version that fixes the RPATH vulnerability. As a temporary workaround, consider restricting the execution of libraries from untrusted sources in the current working directory until a patch is available.