CVE-2026-5037 in mxml
Sumário (Inglês)
A vulnerability was determined in mxml up to 4.0.4. This issue affects the function index_sort of the file mxml-index.c of the component mxmlIndexNew. Executing a manipulation of the argument tempr can lead to stack-based buffer overflow. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. This patch is called 6e27354466092a1ac65601e01ce6708710bb9fa5. A patch should be applied to remediate this issue.
Divulgação
29/03/2026
Inscrições
| Publicado em | Base | Temp | Vulnerabilidade | CWE | Prod | Exp | Con | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 27/03/2026 | 3.3 | 3.0 | mxml mxmlIndexNew mxml-index.c index_sort Excesso de tampão | 121 | Desconhecido | Prova de conceito | Correção oficial | 0.00013 | 1.62 | CVE-2026-5037 |