CVE-2026-24821
CVE-2026-24821
9.3
CriticalPublished:
Last updated:
Source:cve_disclosure@tech.gov.sg
Deferred
Weakness (CWE)
CVSS Vector
v4.0- Attack Vector
- Network
- Attack Complexity
- Low
- Attack Requirements
- None
- Privileges Required
- None
- User Interaction
- None
- Confidentiality (Vulnerable)
- High
- Integrity (Vulnerable)
- None
- Availability (Vulnerable)
- High
- Confidentiality (Subsequent)
- High
- Integrity (Subsequent)
- None
- Availability (Subsequent)
- High
Description
Out-of-bounds Read vulnerability in turanszkij WickedEngine (WickedEngine/LUA modules). This vulnerability is associated with program files lparser.C. This issue affects WickedEngine: through 0.71.727.
References
cve_disclosure@tech.gov.sg
https://github.com/turanszkij/WickedEngine/pull/1095