What is CVE-2026-1880?

CVE-2026-1880 is a vulnerability in Asus Driverhub, classified under Time-of-check Time-of-use (TOCTOU) Race Condition. Published 2026-04-16.

Is CVE-2026-1880 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Asus Driverhub

CVE-2026-1880

An Incorrect Permission Assignment for Critical Resource vulnerability in the ASUS DriverHub update process allows privilege escalation due to improper protection of required execution resources during the validation phase, permitting a lo…

Vulnerability class: TOCTOU (Time-of-Check to Time-of-Use)

EPSS: 0.000 (0.5th percentile) — read the EPSS interpretation.

Affected products

Asus Driverhub — versions 0

Weakness classification (CWE)

CWE-367 — Time-of-check Time-of-use (TOCTOU) Race Condition

Public proof-of-concept exploits

seokjohn/CVE-2026-1880

References

www.asus.com/security-advisory

Frequently asked questions

What is CVE-2026-1880?: CVE-2026-1880 is a vulnerability in Asus Driverhub, classified under Time-of-check Time-of-use (TOCTOU) Race Condition. Published 2026-04-16.
Is CVE-2026-1880 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.