IDExpert Windows Logon Agent developed by Changing contains a critical Remote Code Execution vulnerability (CVE-2026-3000). The vulnerability allows unauthenticated remote attackers to force the system to download arbitrary DLL files from remote sources and execute them. This represents a severe security flaw that could enable complete system compromise without requiring authentication. The vulnerability affects Windows authentication systems and could potentially be exploited for widespread attacks against enterprise environments using the IDExpert solution.