ByteOS Network

Vulnerability Details :

CVE-2026-24872

Assigner Org ID-1a37b84a-8e51-4525-b3d6-87e2fae01dbd

Published At-27 Jan, 2026 | 15:51

Updated At-04 Feb, 2026 | 17:56

Pointer arithmetic error in SkyFire_548

improper pointer arithmetic vulnerability in ProjectSkyfire SkyFire_548.This issue affects SkyFire_548: before 5.4.8-stable5.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:GovTech CSG

Assigner Org ID:1a37b84a-8e51-4525-b3d6-87e2fae01dbd

Published At:27 Jan, 2026 | 15:51

Updated At:04 Feb, 2026 | 17:56

▼CVE Numbering Authority (CNA)

Pointer arithmetic error in SkyFire_548

improper pointer arithmetic vulnerability in ProjectSkyfire SkyFire_548.This issue affects SkyFire_548: before 5.4.8-stable5.

Affected Products

Vendor

ProjectSkyfire

Product

SkyFire_548

Default Status

unaffected

Versions

Affected

From 0 before 5.4.8-stable5 (git)

Metrics

Version	Base score	Base severity	Vector
3.1	9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Version: 3.1

Base score: 9.8

Base severity: CRITICAL

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Credits

finder

TITAN Team (titancaproject@gmail.com)

References

Hyperlink	Resource
https://github.com/cadaver/turso3d/pull/11	N/A

Hyperlink: https://github.com/cadaver/turso3d/pull/11

Resource: N/A

▼Authorized Data Publishers (ADP)

CISA ADP Vulnrichment

Problem Types

Type	CWE ID	Description
CWE	CWE-468	CWE-468 Incorrect Pointer Scaling

Type: CWE

CWE ID: CWE-468

Description: CWE-468 Incorrect Pointer Scaling

Metrics Other Info

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:cve_disclosure@tech.gov.sg

Published At:27 Jan, 2026 | 16:16

Updated At:04 Feb, 2026 | 18:16

improper pointer arithmetic vulnerability in ProjectSkyfire SkyFire_548.This issue affects SkyFire_548: before 5.4.8-stable5.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Type: Secondary

Version: 3.1

Base score: 9.8

Base severity: CRITICAL

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses

CWE ID	Type	Source
CWE-468	Secondary	134c704f-9b21-4f2e-91b3-4a467353bcc0

CWE ID: CWE-468

Type: Secondary

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

References

Hyperlink	Source	Resource
https://github.com/cadaver/turso3d/pull/11	cve_disclosure@tech.gov.sg	N/A

Hyperlink: https://github.com/cadaver/turso3d/pull/11

Source: cve_disclosure@tech.gov.sg

Resource: N/A

Similar CVEs

2Records found

CVE-2024-1915

Matching Score-4

Assigner-Mitsubishi Electric Corporation

View Details

Matching Score-4

Assigner-Mitsubishi Electric Corporation

CVSS Score-9.8||CRITICAL

EPSS-0.43% / 61.70%

7 Day CHG~0.00%

Published-15 Mar, 2024 | 00:00

Updated-27 Aug, 2024 | 19:56

Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet.

Vendor-Mitsubishi Electric Corporation

Product-MELSEC-Q Series Q26UDPVCPU MELSEC-Q Series Q50UDEHCPU MELSEC-L Series L06CPU MELSEC-Q Series Q20UDEHCPU MELSEC-Q Series Q06UDEHCPU MELSEC-Q Series Q04UDEHCPU MELSEC-Q Series Q04UDVCPU MELSEC-L Series L02CPU MELSEC-Q Series Q03UDECPU MELSEC-L Series L26CPU-BT MELSEC-Q Series Q13UDPVCPU MELSEC-L Series L26CPU-P MELSEC-Q Series Q06UDPVCPU MELSEC-Q Series Q06UDVCPU MELSEC-Q Series Q26UDEHCPU MELSEC-Q Series Q100UDEHCPU MELSEC-L Series L26CPU-PBT MELSEC-Q Series Q03UDVCPU MELSEC-Q Series Q13UDEHCPU MELSEC-Q Series Q13UDVCPU MELSEC-Q Series Q04UDPVCPU MELSEC-Q Series Q26UDVCPU MELSEC-L Series L06CPU-P MELSEC-L Series L26CPU MELSEC-L Series L02CPU-P MELSEC-Q Series Q10UDEHCPU melsec_q13udpvcpu melsec_q03udvcpu melsec_l02cpu-p melsec_q-q03udecpu melsec_l06cpu-p melsec_l26cpu-p l02cpu-p l26cpu-bt melsec_q-q100udehcpu melsec_q-q10udehcpu melsec_q06udpvcpu melsec_q-q06udehcpu melsec_l06cpu\(-p\)melsec_q-q26udehcpu melsec_q-q04udehcpu melsec_q-q20udehcpu melsec_q13udvcpu melsec_q26udvcpu melsec_q-q13udehcpu melsec_q-q50udehcpu melsec_q06udvcpu melsec_q04udvcpu melsec_l26cpu-pbt melsec_l26cpu\(-p\)melsec_q26udpvcpu

CWE ID-CWE-468

Incorrect Pointer Scaling

CVE-2024-0802

Matching Score-4

Assigner-Mitsubishi Electric Corporation

View Details

Matching Score-4

Assigner-Mitsubishi Electric Corporation

CVSS Score-9.8||CRITICAL

EPSS-0.36% / 57.65%

7 Day CHG~0.00%

Published-14 Mar, 2024 | 23:57

Updated-01 Aug, 2024 | 18:18

Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to read arbitrary information from a target product or execute malicious code on a target product by sending a specially crafted packet.

Vendor-Mitsubishi Electric Corporation

CWE ID-CWE-468

Incorrect Pointer Scaling

CVE-2026-24872

Credits

Pointer arithmetic error in SkyFire_548

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs