PT-2026-22513 · Unknown · Fascinatedbox Lily
Oneafter
·
Publicado
2026-03-01
·
Atualizado
2026-03-01
·
CVE-2026-3391
CVSS v3.1
5.5
Média
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
FascinatedBox lily versions prior to 2.3
Description
A security flaw exists in FascinatedBox lily, potentially leading to an out-of-bounds read. The issue resides within the
clear storages function located in the src/lily emitter.c file. Exploitation requires local access. The exploit code has been publicly released, increasing the risk of attacks. The project maintainers were notified of the issue but have not yet responded.Recommendations
Update to a version of FascinatedBox lily later than 2.3.
As a temporary workaround, consider restricting local access to the affected file
src/lily emitter.c until a patch is available.Exploit
Correção
Buffer Overflow
Out of bounds Read
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Fascinatedbox Lily