CVE-2026-42199

Published: Mag 09, 2026 Last Modified: Mag 09, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 6,2

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: none

User Interaction: none

Scope: unchanged

Confidentiality: none

Integrity: none

Availability: high

Description

AI Translation Available

Grid is a data structure grid for rust. From version 0.17.0 to before version 1.0.1, an integer overflow in Grid::expand_rows() can corrupt the relationship between the grid’s logical dimensions and its backing storage. After the internal invariant is broken, the safe API get() may invoke get_unchecked() with an invalid index, resulting in Undefined Behavior. This issue has been patched in version 1.0.1.

190

Integer Overflow or Wraparound

Stable

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Availability Integrity Confidentiality Access Control Other

Potential Impacts:

Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Memory) Dos: Instability Modify Memory Execute Unauthorized Code Or Commands Bypass Protection Mechanism Alter Execution Logic Dos: Resource Consumption (Cpu)

Applicable Platforms

Languages: C, Not Language-Specific

Likelihood of Exploit: Medium

View CWE Details

https://github.com/becheran/grid/commit/be213bd3528727148be…

https://github.com/becheran/grid/commit/be213bd3528727148bef2d523c89e95d1fd9c072

https://github.com/becheran/grid/releases/tag/v1.0.1

https://github.com/becheran/grid/security/advisories/GHSA-3…

https://github.com/becheran/grid/security/advisories/GHSA-38c5-483c-4qqp

CVE-2026-42199

Description

Integer Overflow or Wraparound

Common Consequences

Applicable Platforms

Iscriviti alla newsletter