← Voltar para CVEs
CVE-2026-1188
CRITICAL9.8
Descricao
In the Eclipse OMR port library component since release 0.2.0, an API function to return the textual names of all supported processor features was not accounting for the separator inserted between processor features. If the output buffer supplied to this function was incorrectly sized, failing to account for the separator when determining when a write to the buffer was safe could lead to a buffer overflow. This issue is fixed in Eclipse OMR version 0.8.0.
Detalhes CVE
Pontuacao CVSS v3.19.8
SeveridadeCRITICAL
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado1/29/2026
Ultima modificacao2/9/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
eclipse:omr
Fraquezas (CWE)
CWE-131CWE-120
Referencias
https://github.com/eclipse-omr/omr/pull/8082(emo@eclipse.org)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.