CVE-2026-2940

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Zaher1307 tiny web server versions prior to 8d77b1044a0ca3a5297d8726ac8aa2cf944d481b

Description A flaw exists in the URL Handler component of Zaher1307 tiny web server. This issue allows for an out-of-bounds write, potentially enabling remote attacks. The vulnerable code resides within the tiny web server/tiny.c file, specifically in the tiny web server/tiny.c function. The vulnerability has been publicly disclosed.

Recommendations Update Zaher1307 tiny web server to a version prior to 8d77b1044a0ca3a5297d8726ac8aa2cf944d481b.

Exploit

Fix

Memory Corruption

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-119

Related Identifiers

CVE-2026-2940

Affected Products

Tiny Web Server

CVE-2026-2940

Weakness Enumeration

Related Identifiers

Affected Products

References · 12