Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-8376

Summary
Assigner-CPANSec
Assigner Org ID-9b29abf9-4ab0-4765-b253-1875cd9b441e
Published At-25 May, 2026 | 23:53
Updated At-27 May, 2026 | 18:04
Rejected At-
Credits

Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeated fixed string on 32-bit builds

Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeated fixed string on 32-bit builds. Perl_study_chunk in regcomp_study.c checked the size of the joined substring buffer in characters rather than bytes. For a quantified fixed substring with a large minimum count, the byte length mincount * l could overflow SSize_t, producing an undersized SvGROW allocation; the subsequent copy writes past the end of the buffer. A caller that compiles an attacker-controlled regular expression on a 32-bit perl build triggers a heap buffer overflow at compile time.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:CPANSec
Assigner Org ID:9b29abf9-4ab0-4765-b253-1875cd9b441e
Published At:25 May, 2026 | 23:53
Updated At:27 May, 2026 | 18:04
Rejected At:
â–¼CVE Numbering Authority (CNA)
Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeated fixed string on 32-bit builds

Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeated fixed string on 32-bit builds. Perl_study_chunk in regcomp_study.c checked the size of the joined substring buffer in characters rather than bytes. For a quantified fixed substring with a large minimum count, the byte length mincount * l could overflow SSize_t, producing an undersized SvGROW allocation; the subsequent copy writes past the end of the buffer. A caller that compiles an attacker-controlled regular expression on a 32-bit perl build triggers a heap buffer overflow at compile time.

Affected Products
Vendor
SHAY
Product
perl
Collection URL
https://cpan.org/modules
Package Name
perl
Repo
https://github.com/Perl/perl5
Program Files
  • regcomp_study.c
Program Routines
  • Perl_study_chunk
Default Status
unaffected
Versions
Affected
  • From 0 through 5.43.10 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-680CWE-680 Integer Overflow to Buffer Overflow
Type: CWE
CWE ID: CWE-680
Description: CWE-680 Integer Overflow to Buffer Overflow
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Upgrade to a future perl release, or apply the upstream patch.

Configurations
Workarounds

On 32-bit perl builds, avoid compiling regular expressions from untrusted input until a fixed release is installed.

Exploits
Credits
Timeline
EventDate
Issue reported.2026-04-24 00:00:00
Fix merged to blead.2026-05-20 00:00:00
Event: Issue reported.
Date: 2026-04-24 00:00:00
Event: Fix merged to blead.
Date: 2026-05-20 00:00:00
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/Perl/perl5/commit/5e7f119eb2bb1181be908701f22bf7068e722f1c.patch
patch
Hyperlink: https://github.com/Perl/perl5/commit/5e7f119eb2bb1181be908701f22bf7068e722f1c.patch
Resource:
patch
â–¼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.openwall.com/lists/oss-security/2026/05/26/1
N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2026/05/26/1
Resource: N/A
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
3.17.3HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:9b29abf9-4ab0-4765-b253-1875cd9b441e
Published At:26 May, 2026 | 00:16
Updated At:27 May, 2026 | 19:16

Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeated fixed string on 32-bit builds. Perl_study_chunk in regcomp_study.c checked the size of the joined substring buffer in characters rather than bytes. For a quantified fixed substring with a large minimum count, the byte length mincount * l could overflow SSize_t, producing an undersized SvGROW allocation; the subsequent copy writes past the end of the buffer. A caller that compiles an attacker-controlled regular expression on a 32-bit perl build triggers a heap buffer overflow at compile time.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Secondary3.17.3HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CPE Matches
perl
perl
>>perl>>Versions up to 5.43.10(inclusive)
cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-680Secondary9b29abf9-4ab0-4765-b253-1875cd9b441e
CWE ID: CWE-680
Type: Secondary
Source: 9b29abf9-4ab0-4765-b253-1875cd9b441e
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/Perl/perl5/commit/5e7f119eb2bb1181be908701f22bf7068e722f1c.patch9b29abf9-4ab0-4765-b253-1875cd9b441e
Patch
http://www.openwall.com/lists/oss-security/2026/05/26/1af854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
Hyperlink: https://github.com/Perl/perl5/commit/5e7f119eb2bb1181be908701f22bf7068e722f1c.patch
Source: 9b29abf9-4ab0-4765-b253-1875cd9b441e
Resource:
Patch
Hyperlink: http://www.openwall.com/lists/oss-security/2026/05/26/1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

17Records found
CVE-2026-10879
Matching Score-8
Assigner-CPAN Security Group
ShareView Details
Matching Score-8
Assigner-CPAN Security Group
CVSS Score-9.8||CRITICAL
EPSS-0.05% / 16.60%
||
7 Day CHG~0.00%
Published-05 Jun, 2026 | 14:30
Updated-10 Jun, 2026 | 15:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders

DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only allocates three characters per binder in the buffer. Placeholders 10-99 require four characters, 100-999 require five characters, et cetera.

Action-Not Available
Vendor-perlHMBRAND
Product-dbiDBI
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-9698
Matching Score-8
Assigner-CPAN Security Group
ShareView Details
Matching Score-8
Assigner-CPAN Security Group
CVSS Score-7.5||HIGH
EPSS-0.02% / 4.23%
||
7 Day CHG~0.00%
Published-09 Jun, 2026 | 07:22
Updated-09 Jun, 2026 | 17:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DBI versions before 1.648 for Perl saved errors in a limited-sized buffer

DBI versions before 1.648 for Perl saved errors in a limited-sized buffer. Error messages that were returned when RaiseError, PrintError or HandleError were set were written to a 200-byte buffer without a length limit. Attackers that can influence the error text in an application can trigger a buffer overflow.

Action-Not Available
Vendor-perlHMBRAND
Product-dbiDBI
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-4176
Matching Score-8
Assigner-CPAN Security Group
ShareView Details
Matching Score-8
Assigner-CPAN Security Group
CVSS Score-9.8||CRITICAL
EPSS-0.03% / 8.19%
||
7 Day CHG~0.00%
Published-29 Mar, 2026 | 20:50
Updated-22 Apr, 2026 | 17:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib

Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib. Compress::Raw::Zlib is included in the Perl package as a dual-life core module, and is vulnerable to CVE-2026-3381 due to a vendored version of zlib which has several vulnerabilities, including CVE-2026-27171. The bundled Compress::Raw::Zlib was updated to version 2.221 in Perl blead commit c75ae9cc164205e1b6d6dbd57bd2c65c8593fe94.

Action-Not Available
Vendor-perlSHAY
Product-perlperl
CWE ID-CWE-1395
Dependency on Vulnerable Third-Party Component
CVE-2022-48522
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-17.32% / 95.18%
||
7 Day CHG~0.00%
Published-22 Aug, 2023 | 00:00
Updated-03 Oct, 2024 | 14:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.

Action-Not Available
Vendor-perln/a
Product-perln/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-55564
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.29% / 52.86%
||
7 Day CHG~0.00%
Published-09 Dec, 2024 | 00:00
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The POSIX::2008 package before 0.24 for Perl has a potential _execve50c env buffer overflow.

Action-Not Available
Vendor-n/aperl
Product-n/aposix_2028
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-45321
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.71% / 72.61%
||
7 Day CHG~0.00%
Published-27 Aug, 2024 | 00:00
Updated-05 Dec, 2024 | 18:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling code execution for network attackers.

Action-Not Available
Vendor-app\n/aperl
Product-\n/acpanminus
CWE ID-CWE-494
Download of Code Without Integrity Check
CVE-2021-40417
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.8||CRITICAL
EPSS-1.54% / 81.73%
||
7 Day CHG~0.00%
Published-22 Dec, 2021 | 18:07
Updated-04 Aug, 2024 | 02:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When parsing a file that is submitted to the DPDecoder service as a job, the service will use the combination of decoding parameters that were submitted with the job along with fields that were parsed for the submitted video by the R3D SDK to calculate the size of a heap buffer. Due to an integer overflow with regards to this calculation, this can result in an undersized heap buffer being allocated. When this heap buffer is written to, a heap-based buffer overflow will occur. This can result in code execution under the context of the application.

Action-Not Available
Vendor-blackmagicdesignn/a
Product-davinci_resolveBlackmagic Design
CWE ID-CWE-680
Integer Overflow to Buffer Overflow
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-35289
Matching Score-4
Assigner-Meta Platforms, Inc.
ShareView Details
Matching Score-4
Assigner-Meta Platforms, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.57% / 81.92%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-03 Aug, 2024 | 09:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A write-what-where condition in hermes caused by an integer overflow, prior to commit 5b6255ae049fa4641791e47fad994e8e8c4da374 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected.

Action-Not Available
Vendor-Facebook
Product-hermesHermes
CWE ID-CWE-680
Integer Overflow to Buffer Overflow
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-21832
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.1||HIGH
EPSS-0.56% / 68.66%
||
7 Day CHG~0.00%
Published-17 Aug, 2021 | 19:01
Updated-03 Aug, 2024 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory corruption vulnerability exists in the ISO Parsing functionality of Disc Soft Ltd Deamon Tools Pro 8.3.0.0767. A specially crafted malformed file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.

Action-Not Available
Vendor-disc-softn/a
Product-daemon_toolsDisc
CWE ID-CWE-680
Integer Overflow to Buffer Overflow
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-21783
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.8||CRITICAL
EPSS-4.51% / 89.37%
||
7 Day CHG~0.00%
Published-25 Mar, 2021 | 16:01
Updated-03 Aug, 2024 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.

Action-Not Available
Vendor-genivian/aOracle Corporation
Product-communications_diameter_signaling_routercommunications_eagle_application_processortekelec_virtual_operating_environmentcommunications_eagle_lnp_application_processorcommunications_lsmsgsoapGenivia
CWE ID-CWE-680
Integer Overflow to Buffer Overflow
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-8794
Matching Score-4
Assigner-Check Point Software Ltd.
ShareView Details
Matching Score-4
Assigner-Check Point Software Ltd.
CVSS Score-9.8||CRITICAL
EPSS-8.30% / 92.42%
||
7 Day CHG~0.00%
Published-05 Feb, 2019 | 20:00
Updated-17 Sep, 2024 | 00:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to an Out-Of-Bounds Write in function process_bitmap_updates() and results in a memory corruption and possibly even a remote code execution.

Action-Not Available
Vendor-rdesktopDebian GNU/LinuxCheck Point Software Technologies Ltd.openSUSE
Product-rdesktopdebian_linuxleaprdesktop
CWE ID-CWE-680
Integer Overflow to Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-8786
Matching Score-4
Assigner-Check Point Software Ltd.
ShareView Details
Matching Score-4
Assigner-Check Point Software Ltd.
CVSS Score-9.8||CRITICAL
EPSS-14.33% / 94.55%
||
7 Day CHG~0.00%
Published-29 Nov, 2018 | 17:00
Updated-17 Sep, 2024 | 01:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution.

Action-Not Available
Vendor-Canonical Ltd.FreeRDPCheck Point Software Technologies Ltd.Fedora ProjectRed Hat, Inc.Debian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxdebian_linuxenterprise_linux_server_eusfreerdpenterprise_linux_server_ausenterprise_linux_workstationfedoraenterprise_linux_server_tusenterprise_linux_desktopFreeRDP
CWE ID-CWE-680
Integer Overflow to Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-681
Incorrect Conversion between Numeric Types
CVE-2018-8795
Matching Score-4
Assigner-Check Point Software Ltd.
ShareView Details
Matching Score-4
Assigner-Check Point Software Ltd.
CVSS Score-9.8||CRITICAL
EPSS-9.12% / 92.84%
||
7 Day CHG~0.00%
Published-05 Feb, 2019 | 20:00
Updated-16 Sep, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in function process_bitmap_updates() and results in a memory corruption and probably even a remote code execution.

Action-Not Available
Vendor-rdesktopDebian GNU/LinuxCheck Point Software Technologies Ltd.openSUSE
Product-rdesktopdebian_linuxleaprdesktop
CWE ID-CWE-680
Integer Overflow to Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-8787
Matching Score-4
Assigner-Check Point Software Ltd.
ShareView Details
Matching Score-4
Assigner-Check Point Software Ltd.
CVSS Score-9.8||CRITICAL
EPSS-10.12% / 93.25%
||
7 Day CHG~0.00%
Published-29 Nov, 2018 | 17:00
Updated-16 Sep, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution.

Action-Not Available
Vendor-Canonical Ltd.FreeRDPCheck Point Software Technologies Ltd.Red Hat, Inc.Debian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxdebian_linuxfreerdpenterprise_linux_server_ausenterprise_linux_workstationenterprise_linux_eusenterprise_linux_server_tusenterprise_linux_desktopFreeRDP
CWE ID-CWE-680
Integer Overflow to Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-13576
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.8||CRITICAL
EPSS-0.76% / 73.75%
||
7 Day CHG~0.00%
Published-10 Feb, 2021 | 00:00
Updated-04 Aug, 2024 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.

Action-Not Available
Vendor-genivian/aFedora Project
Product-gsoapfedoraGenivia
CWE ID-CWE-680
Integer Overflow to Buffer Overflow
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-54952
Matching Score-4
Assigner-Meta Platforms, Inc.
ShareView Details
Matching Score-4
Assigner-Meta Platforms, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.10% / 78.45%
||
7 Day CHG+0.71%
Published-07 Aug, 2025 | 23:08
Updated-08 Aug, 2025 | 20:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer overflow vulnerability in the loading of ExecuTorch models can cause smaller-than-expected memory regions to be allocated, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 8f062d3f661e20bb19b24b767b9a9a46e8359f2b.

Action-Not Available
Vendor-Meta Platforms, Inc.
Product-ExecuTorch
CWE ID-CWE-680
Integer Overflow to Buffer Overflow
CVE-2024-33078
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.56% / 81.86%
||
7 Day CHG~0.00%
Published-01 May, 2024 | 00:00
Updated-15 Sep, 2025 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tencent Libpag v4.3 is vulnerable to Buffer Overflow. A user can send a crafted image to trigger a overflow leading to remote code execution.

Action-Not Available
Vendor-tencentn/atencent
Product-libpagn/alibpag
CWE ID-CWE-680
Integer Overflow to Buffer Overflow
Details not found