## Summary CVE-2026-32680 is a HIGH severity vulnerability (CVSS 8.5) in the RATOC RAID Monitoring Manager for Windows installer. When a non-default installation folder is specified, the installer fails to apply secure Access Control Lists (ACLs), leaving the folder writable by non-administrative users. This allows local privilege escalation to SYSTEM through executable replacement or DLL planting attacks [truncated]
## Summary CVE-2026-28760 is a **HIGH** severity vulnerability (CVSS 8.4) in the RATOC RAID Monitoring Manager for Windows installer. The installer performs unsafe DLL loading from the current working directory, enabling arbitrary code execution with administrator privileges if a user is tricked into placing a malicious DLL alongside the installer. ## Technical Details The vulnerability stems from **CWE-4 [truncated]
