CVE-2026-3391 | FascinatedBox lily up to 2.3 src/lily_emitter.c clear_storages out-of-bounds (Issue 383)

Inserito da Angelo Barbosa | Feb 28, 2026 | CVE

A vulnerability described as problematic has been identified in FascinatedBox lily up to 2.3. Impacted is the function clear_storages of the file src/lily_emitter.c. The manipulation results in out-of-bounds read.

This vulnerability is identified as CVE-2026-3391. The attack is only possible with local access. Additionally, an exploit exists.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-3391 | FascinatedBox lily up to 2.3 src/lily_emitter.c clear_storages out-of-bounds (Issue 383)

Post correlati

CVE-2025-6485 | TOTOLINK A3002R 1.1.1-B20200824.0128 /boafrm/formWlSiteSurvey wlanif os command injection

CVE-2024-31215 | mobsf prior 3.9.8 Firebase Database Check server-side request forgery

CVE-2024-53908 | Django Oracle HasKey sql injection

CVE-2025-22936 | Smartcom Bulgaria AD SAM-4G1G-TT-W-VC/SAM-4F1F-TT-W-A1 WiFi Password default password