CVE-2026-0708

Name of the Vulnerable Software and Affected Versions libucl (affected versions not specified)

Description A flaw exists in libucl where a remote attacker can cause a Denial of Service (DoS) by providing a specially crafted Universal Configuration Language (UCL) input. This input contains a key with an embedded null byte, which triggers a segmentation fault (SEGV fault) within the ucl object emit function during parsing and emission of the object. A segmentation fault is a type of error that occurs when a program attempts to access a memory location that it is not allowed to access.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.