← Back to CVEs
CVE-2026-2653
MEDIUM5.3
Description
A security flaw has been discovered in admesh up to 0.98.5. This issue affects the function stl_check_normal_vector of the file src/normals.c. Performing a manipulation results in heap-based buffer overflow. The attack must be initiated from a local position. The exploit has been released to the public and may be used for attacks. It looks like this product is not really maintained anymore.
CVE Details
CVSS v3.1 Score5.3
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Attack VectorLOCAL
ComplexityLOW
Privileges RequiredLOW
User InteractionNONE
Published2/18/2026
Last Modified2/20/2026
Sourcenvd
Honeypot Sightings0
Affected Products
admesh_project:admesh
Weaknesses (CWE)
CWE-119CWE-122
References
https://github.com/admesh/admesh/(cna@vuldb.com)
https://github.com/admesh/admesh/issues/65(cna@vuldb.com)
https://github.com/user-attachments/files/24878279/id.000035.sig.06.src.000550.time.910126.execs.241742.op.havoc.rep.5.zip(cna@vuldb.com)
https://vuldb.com/?ctiid.346450(cna@vuldb.com)
https://vuldb.com/?id.346450(cna@vuldb.com)
https://vuldb.com/?submit.752596(cna@vuldb.com)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.