PT-2026-28186 · Unknown · Orc Discount

Mthg

·

Publicado

2026-03-26

·

Atualizado

2026-03-26

·

CVE-2026-4833

CVSS v3.1

3.3

Baixa

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Name of the Vulnerable Software and Affected Versions Orc discount versions up to 3.0.1.2
Description A flaw exists in the Markdown Handler component of Orc discount, specifically within the compile function of the markdown.c file. This issue leads to uncontrolled recursion, allowing for local execution of attacks. The exploit is publicly available. The project maintainer acknowledges this as a duplicate of a previously known bug involving an infinitely deep blockquote input causing a crash.
Recommendations Versions prior to 3.0.1.2 should be updated.

Exploit

Correção

Improper Resource Release

Uncontrolled Recursion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-404CWE-674

Identificadores relacionados

CVE-2026-4833

Produtos afetados

Orc Discount