CVE-2026-5476

Published: Apr 03, 2026 Last Modified: Apr 03, 2026

ExploitDB:

Other exploit source:

Google Dorks:

LOW 2,1

Source: [email protected]

Attack Vector: adjacent

Attack Complexity: high

Privileges Required: low

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

MEDIUM 4,6

Source: [email protected]

Attack Vector: adjacent_network

Attack Complexity: high

Privileges Required: low

User Interaction: none

Scope: unchanged

Confidentiality: low

Integrity: low

Availability: low

MEDIUM 4,0

Source: [email protected]

Access Vector: adjacent_network

Access Complexity: high

Authentication: single

Confidentiality: partial

Integrity: partial

Availability: partial

Description

AI Translation Available

A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFE_TBL_ValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfe_tbl_passthru_codec.c. The manipulation leads to integer overflow. The complexity of an attack is rather high. The exploitability is told to be difficult. A fix is planned for the upcoming version milestone of the project.

190

Integer Overflow or Wraparound

Stable

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Availability Integrity Confidentiality Access Control Other

Potential Impacts:

Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Memory) Dos: Instability Modify Memory Execute Unauthorized Code Or Commands Bypass Protection Mechanism Alter Execution Logic Dos: Resource Consumption (Cpu)

Applicable Platforms

Languages: C, Not Language-Specific

Likelihood of Exploit: Medium

View CWE Details

https://github.com/nasa/cFS/

https://github.com/nasa/cFS/issues/954

https://vuldb.com/submit/781971

https://vuldb.com/vuln/355080

https://vuldb.com/vuln/355080/cti

CVE-2026-5476

Description

Integer Overflow or Wraparound

Common Consequences

Applicable Platforms

Iscriviti alla newsletter