CVE-2026-2660 | FascinatedBox lily up to 2.3 src/lily_symtab.c shorthash_for_name use after free (Issue 385)

Inserito da Angelo Barbosa | Feb 18, 2026 | CVE

A vulnerability classified as problematic has been found in FascinatedBox lily up to 2.3. Affected by this issue is the function shorthash_for_name of the file src/lily_symtab.c. The manipulation leads to use after free.

This vulnerability is uniquely identified as CVE-2026-2660. Local access is required to approach this attack. Moreover, an exploit is present.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-2660 | FascinatedBox lily up to 2.3 src/lily_symtab.c shorthash_for_name use after free (Issue 385)

Post correlati

CVE-2025-1886 | Sage 200 Spain up to 2025.34.* insufficiently protected credentials

CVE-2025-1339 | TOTOLINK X18 9.1.0cu.2024_B20220329 /cgi-bin/cstecgi.cgi setL2tpdConfig enable command injection

CVE-2025-15348 | Anritsu ShockLine CHX File Parser deserialization (ZDI-25-1199)

CVE-2024-41044 | Linux Kernel up to 6.9.9 ppp_async_encode Privilege Escalation