CVE-2026-6843

Name of the Vulnerable Software and Affected Versions nano (affected versions not specified)

Description A local user can cause a Denial of Service in the application by exploiting a format string flaw in the statusline() function. This occurs when the application attempts to display a directory name containing printf specifiers, resulting in a segmentation fault (SEGV), which is an error that occurs when a program attempts to access a memory location that it is not allowed to access.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.