CVE-2026-4833 in discountinformación

Resumen

por MITRE • 2026-03-26

A weakness has been identified in Orc discount up to 3.0.1.2. This issue affects the function compile of the file markdown.c of the component Markdown Handler. This manipulation causes uncontrolled recursion. The attack is restricted to local execution. The exploit has been made available to the public and could be used for attacks. The project maintainer confirms: "[I]f you feed it an infinitely deep blockquote input it will crash. (...) [T]his is a duplicate of an old bug that I've been working on."

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

VulDB

Divulgación

2026-03-26

Moderación

aceptado

Artículo

VDB-353138

CPE

listo

CWE

CWE-674 (confirmado)

Explotación

Descargar

CVSS

3.3 (VulDB)

EPSS

0.00020

KEV

Actividades

muy bajo

Fuentes

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-4833
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-4833
CVE Details	https://www.cvedetails.com/cve/CVE-2026-4833/

◂ Anterior Visión De Conjunto Próximo ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!