CVE-2026-11312
LOW
1,9
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: low
User Interaction: none
Confidentiality: N/A
Integrity: N/A
Availability: N/A
LOW
3,3
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: low
LOW
1,7
Source: [email protected]
Access Vector: local
Access Complexity: low
Authentication: single
Confidentiality: none
Integrity: none
Availability: partial
Description
AI Translation Available
A vulnerability was found in bytedance InfiniStore up to 0.2.33. The impacted element is the function purge_kv_map in the library /src/infinistore.h of the component KV Map Handler. Performing a manipulation results in inefficient algorithmic complexity. The attack requires a local approach. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.
404
Improper Resource Shutdown or Release
DraftCommon Consequences
Security Scopes Affected:
Availability
Other
Confidentiality
Potential Impacts:
Dos: Resource Consumption (Other)
Varies By Context
Read Application Data
Applicable Platforms
All platforms may be affected
407
Inefficient Algorithmic Complexity
IncompleteCommon Consequences
Security Scopes Affected:
Availability
Potential Impacts:
Dos: Resource Consumption (Cpu)
Dos: Resource Consumption (Memory)
Dos: Resource Consumption (Other)
Applicable Platforms
All platforms may be affected
https://github.com/bytedance/InfiniStore/
https://github.com/bytedance/InfiniStore/issues/200
https://vuldb.com/cve/CVE-2026-11312
https://vuldb.com/submit/832348
https://vuldb.com/vuln/368398
https://vuldb.com/vuln/368398/cti