← Back to CVEs
CVE-2026-32928
HIGH7.8
Description
V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product.
CVE Details
CVSS v3.1 Score7.8
SeverityHIGH
CVSS VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack VectorLOCAL
ComplexityLOW
Privileges RequiredNONE
User InteractionREQUIRED
Published4/1/2026
Last Modified4/3/2026
Sourcenvd
Honeypot Sightings0
Weaknesses (CWE)
CWE-121
References
https://felib.fujielectric.co.jp/en/M10010/M20060/document_detail/5d9dd71d-9494-41a4-aa5c-8e6b8b21066b?region=en-glb(vultures@jpcert.or.jp)
https://jvn.jp/en/vu/JVNVU90448293/(vultures@jpcert.or.jp)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.