IM
IronMonkey Threat Research

CVE-2026-42953 HIGH

Published: 2026-07-07 | Last Modified: 2026-07-09 | Status: Awaiting Analysis

Description

The application contains an out-of-bounds write vulnerability that can be exploited by an attacker to cause the program to write data past the end of an allocated memory buffer. This can lead to arbitrary code execution.

CVSS Metrics

Base Score: 8.4 (HIGH)

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack VectorLOCAL
Attack ComplexityLOW
Attack RequirementsNONE
Privileges RequiredNONE
User InteractionACTIVE
Vulnerability ConfidentialityHIGH
Vulnerability IntegrityHIGH
Vulnerability AvailabilityHIGH
Subsequent ConfidentialityNONE
Subsequent IntegrityNONE
Subsequent AvailabilityNONE

Source: [email protected]

Type: Secondary

Weaknesses

Source Type Description
[email protected] Secondary
en CWE-787
Notification
Message here