PT-2026-36303 · Unknown+1 · Js8Call-Improved+1
Published
2026-05-01
·
Updated
2026-05-01
·
CVE-2026-42996
CVSS v4.0
10
Critical
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:Y/R:U/V:D/RE:M/U:Green |
Name of the Vulnerable Software and Affected Versions
JS8Call versions prior to 2.3.2
JS8Call-improved versions prior to 3.0
Description
A stack-based buffer overflow occurs during the processing of a radio transmission containing @APRSIS GRID followed by a long Maidenhead locator. This issue is located in the
grid2deg() function within the APRSISClient.cpp file.Recommendations
Update JS8Call to version 2.3.2 or later.
Update JS8Call-improved to version 3.0 or later.
Fix
Stack Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Js8Call
Js8Call-Improved