PT-2026-24929 · Debian+2 · Mold
Oneafter · Published 2026-03-12 · Updated 2026-03-12
CVE-2026-3994
CVSS v3.1: 5.3 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Name of the Vulnerable Software and Affected Versions
rui314 mold versions up to 2.40.4
Description
A flaw exists in rui314 mold, specifically within the mold::ObjectFile<mold::X86_64>::initialize_sections function located in the src/input-files.cc file of the Object File Handler component. A manipulation of the input can lead to a heap-based buffer overflow. Local access is required for exploitation. The exploit for this issue is publicly available. The project maintainers were notified of the problem but have not yet responded.
Recommendations
Versions up to 2.40.4 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Heap Based Buffer Overflow
Buffer Overflow
Related Identifiers
Affected Products
Mold