CVE-2026-5476 | NASA cFS up to 7.0.0 on 32-bit cfe_tbl_passthru_codec.c CFE_TBL_ValidateCodecLoadSize integer overflow (Issue 954)

Inserito da Angelo Barbosa | Apr 3, 2026 | CVE

A vulnerability marked as critical has been reported in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFE_TBL_ValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfe_tbl_passthru_codec.c. The manipulation leads to integer overflow.

This vulnerability is traded as CVE-2026-5476. Access to the local network is required for this attack to succeed. There is no exploit available.

A fix is planned for the upcoming version milestone of the project.

CVE-2026-5476 | NASA cFS up to 7.0.0 on 32-bit cfe_tbl_passthru_codec.c CFE_TBL_ValidateCodecLoadSize integer overflow (Issue 954)

Post correlati

CVE-2024-33859 | Logpoint up to 7.3.x Web UI Interesting Field cross site scripting

CVE-2024-29413 | Webasyst 2.9.9 Contact Info Instant messenger cross site scripting

CVE-2026-3315 | ASSA ABLOY Visionline up to 1.32 default permission

CVE-2026-23521 | Traccar up to 6.11.1 Device Image uniqueId path traversal (GHSA-rc28-cvfc-chqr)