Kingsoft


Products by Kingsoft Sorted by Most Security Vulnerabilities since 2018

Kingsoft Wps Office: 14 vulnerabilities

Kingsoft Jinshan Pdf: 1 vulnerability

Kingsoft Wps Presentation: 1 vulnerability

Known Exploited Kingsoft Vulnerabilities

The following Kingsoft vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.

Title: Kingsoft WPS Office Path Traversal Vulnerability
Description: Kingsoft WPS Office contains a path traversal vulnerability in promecefpluginhost.exe on Windows that allows an attacker to load an arbitrary Windows library.
CVE: CVE-2024-7262 (Exploit Probability: 12.4%)
Added: September 3, 2024

By the Year

In 2026 there have been 0 vulnerabilities in Kingsoft. Last year, in 2025, Kingsoft had 5 security vulnerabilities published. Right now, Kingsoft is on track to have fewer security vulnerabilities in 2026 than it did last year.

Year Vulnerabilities Average Score
2026 0 0.00
2025 5 0.00
2024 3 7.80
2023 2 8.45
2022 5 7.80
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 2 5.50

It may take a day or so for new Kingsoft vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Kingsoft Security Vulnerabilities

CVE Date Vulnerability Products
CVE-2024-57096 May 14, 2025
WPS Office Local Information Disclosure via Crafted File
An issue in WPS Office before v.19302 allows a local attacker to obtain sensitive information via a crafted file.
Wps Office
CVE-2025-2516 Mar 27, 2025
WPS Office Weak Key Pair Enables Signature Forgery & MITM
The use of a weak cryptographic key pair in the signature verification process in WPS Office (Kingsoft) on Windows allows an attacker who successfully recovered the private key to sign components. As older versions of WPS Office did not validate the update server's certificate, an Adversary-In-The-Middle attack was possible, allowing updates to be hijacked.
Wps Office
CVE-2024-11957 Mar 04, 2025
Kingsoft WPS Office 12.1 Improper Verif in ksojscore.dll (CVE-2024-11957)
Improper verification of the digital signature in ksojscore.dll in Kingsoft WPS Office in versions equal to or less than 12.1.0.18276 on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.2.0.16909 to mitigate CVE-2024-7262 was not restrictive enough.
Wps Office
CVE-2024-56957 Jan 27, 2025
WPS Office iOS 12.20.0 Sensitive Data Exposure via Crafted Link
An issue in Kingsoft Office Software Corporation Limited WPS Office iOS 12.20.0 allows attackers to access sensitive user information via supplying a crafted link.
Wps Office
CVE-2024-13187 Jan 08, 2025
Critical Code Injection in Kingsoft WPS Office 6.14.0 TCC Handler on macOS
A vulnerability was found in Kingsoft WPS Office 6.14.0 on macOS. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component TCC Handler. The manipulation leads to code injection. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Wps Office
CVE-2024-7262 Aug 15, 2024
Kingsoft WPS Office <12.2.0.16412 ProMeceFPluginHost.exe Flaw Loads DLL
Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office versions ranging from 12.2.0.13110 to 12.2.0.16412 (exclusive) on Windows allows an attacker to load an arbitrary Windows library. The vulnerability was found weaponized as a single-click exploit in the form of a deceptive spreadsheet document
Wps Office
CVE-2024-7263 Aug 15, 2024
Kingsoft WPS Office <=12.2.0.17115: Unrestricted DLL Load via promecefpluginhost
Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office versions ranging from 12.2.0.13110 to 12.2.0.17115 (exclusive) on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.1.0.17119 to mitigate CVE-2024-7262 was not restrictive enough. Another parameter was not properly sanitized, which leads to the execution of an arbitrary Windows library.
Wps Office
CVE-2024-35205 May 14, 2024
WPS Office Android <17.0.0 Path-Traversal via Unsanitized File Names
The WPS Office (aka cn.wps.moffice_eng) application before 17.0.0 for Android fails to properly sanitize file names before processing them through external application interactions, leading to a form of path traversal. This potentially enables any application to dispatch a crafted library file, aiming to overwrite an existing native library utilized by WPS Office. Successful exploitation could result in the execution of arbitrary commands under the guise of WPS Office's application ID.
Wps Office
CVE-2023-31275 Nov 27, 2023
WPS Office 11.2.0.11537 RCE: Uninitialized Pointer Use in Excel Data Handling
An uninitialized pointer use vulnerability exists in the functionality of WPS Office 11.2.0.11537 that handles Data elements in an Excel file. A specially crafted malformed file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability.
Wps Office
CVE-2023-32548 Jun 13, 2023
WPS Office 10.8.0.6186 OS Command Injection via Malicious Server
An OS command injection vulnerability exists in WPS Office version 10.8.0.6186. If a remote attacker who can conduct a man-in-the-middle attack connects the product to a malicious server and sends specially crafted data, an arbitrary OS command may be executed on the system where the product is installed.
Wps Office
CVE-2022-26081 Mar 17, 2022
The installer of WPS Office Version 10.8.0.5745 insecurely loads shcore.dll, allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer.
Wps Office
CVE-2022-26511 Mar 17, 2022
WPS Presentation 11.8.0.5745 insecurely loads d3dx9_41.dll when opening .pps files ('current directory type' DLL loading).
Wps Presentation
CVE-2022-25949 Mar 17, 2022
The kernel mode driver kwatch3 of KINGSOFT Internet Security 9 Plus Version 2010.06.23.247 fails to properly handle crafted inputs, leading to a stack-based buffer overflow.
Internet Security 9 Plus
CVE-2022-25969 Mar 17, 2022
The installer of WPS Office Version 10.8.0.6186 insecurely loads VERSION.DLL (or some other DLLs), allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer.
Wps Office
CVE-2022-25943 Mar 09, 2022
The installer of WPS Office for Windows versions prior to v11.2.0.10258 fails to properly configure the ACL for the directory where the service program is installed.
Wps Office
CVE-2018-7546 Jul 18, 2018
wpsmain.dll in Kingsoft WPS Office 2016 and Jinshan PDF 10.1.0.6621 allows remote attackers to cause a denial of service via a crafted PDF file.
Jinshan Pdf
Wps Office
CVE-2018-9151 Mar 30, 2018
A NULL pointer dereference bug in the function ObReferenceObjectByHandle in the Kingsoft Internet Security 9+ kernel driver KWatch3.sys allows local non-privileged users to crash the system via IOCTL 0x80030030.
Internet Security 9 Plus
CVE-2010-5164 Aug 25, 2012
Race condition in KingSoft Personal Firewall 9 Plus 2009.05.07.70 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
Personal Firewall 9
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD).