PT-2026-29652 · Stb · Stb
D0Razi +1 · Published 2026-04-01 · Updated 2026-04-30 · CVE-2026-5315
CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Nothings stb versions up to 1.26
Description
A flaw exists in Nothings stb, specifically within the stbtt__buf_get8 function located in the stb_truetype.h library of the TTF File Handler component. This issue can lead to an out-of-bounds read. The vulnerability is remotely exploitable and has been publicly disclosed. The vendor was notified but did not respond.
Recommendations
Versions prior to 1.26 should be updated.
Exploit
Fix
Buffer Overflow
Out of bounds Read
Related Identifiers
Affected Products
Stb