CVE-2026-11824

Published: Giu 09, 2026 Last Modified: Giu 09, 2026
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 8,5
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: none
User Interaction: passive
Confidentiality: N/A
Integrity: N/A
Availability: N/A
HIGH 7,8
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: none
User Interaction: required
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high

Description

AI Translation Available

SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a crash or execute arbitrary code by supplying a crafted database with malicious continuation page metadata specifying a szLeaf value smaller than 4. Attackers can trigger an integer underflow in fts5ChunkIterate() causing an inflated remaining byte count during FTS5 MATCH query processing, leading to a heap buffer overflow of attacker-controlled data in applications compiled with SQLITE_ENABLE_FTS5.

122

Heap-based Buffer Overflow

Draft
Abstraction: Variant Structure: Simple
Common Consequences
Security Scopes Affected:
Availability Integrity Confidentiality Access Control Other
Potential Impacts:
Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Execute Unauthorized Code Or Commands Bypass Protection Mechanism Modify Memory Other
Applicable Platforms
Languages: Memory-Unsafe, C, C++
Likelihood of Exploit: High
View CWE Details
https://sqlite.org/releaselog/3_53_2.html
https://sqlite.org/releaselog/3_53_2.html
https://sqlite.org/src/info/061febcf41ca
https://sqlite.org/src/info/061febcf41ca
https://sqlite.org/src/info/4a5ad516ea93
https://sqlite.org/src/info/4a5ad516ea93
https://www.vulncheck.com/advisories/sqlite-before-heap-buf…
https://www.vulncheck.com/advisories/sqlite-before-heap-buffer-overflow-via-fts…