Skip to main content

LLVM CVE-2026-13573

| EUVDEUVD-2026-40115 LOW
Stack-based Buffer Overflow (CWE-121)
2026-06-29 VulDB GHSA-p6v6-grg5-r9mw
1.9
CVSS 4.0 · Vendor: VulDB

Severity by source

Vendor (VulDB) PRIMARY
1.9 MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
3.3 LOW

Local-only vector with low-privilege access required to invoke LLVM tools; stack overflow produces a crash with no confidentiality or integrity impact.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (VulDB).

CVSS VectorVendor: VulDB

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

3
Analysis Generated
Jun 29, 2026 - 15:25 vuln.today
Severity Changed
Jun 29, 2026 - 15:22 NVD
MEDIUM LOW
CVSS changed
Jun 29, 2026 - 15:22 NVD
4.8 (MEDIUM) 1.9 (LOW)

DescriptionCVE.org

A vulnerability was found in llvm llvm-project up to 22.1.6. This affects the function llvm::StringMap::insert in the library /lib/IR/ValueSymbolTable.cpp of the component ValueSymbolTable Module. The manipulation results in stack-based buffer overflow. Attacking locally is a requirement. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.

AnalysisAI

Stack-based buffer overflow in LLVM's ValueSymbolTable module (llvm-project versions up to 22.1.6) allows a local, low-privileged attacker to crash the LLVM process by triggering a malformed invocation of llvm::StringMap::insert in /lib/IR/ValueSymbolTable.cpp, resulting in limited availability impact only - no confidentiality or integrity compromise is indicated by the CVSS 4.0 vector. A proof-of-concept exploit has been publicly released, lowering the barrier to triggering the crash in affected developer or CI/CD environments. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain low-privilege local account access
Delivery
Craft malicious LLVM IR with oversized symbol name
Exploit
Submit IR to LLVM tool (llc, opt, or Clang)
Execution
Trigger stack buffer overflow in llvm::StringMap::insert
Impact
Crash LLVM process, disrupting compilation pipeline

Vulnerability AssessmentAI

Exploitation Local, authenticated access with at least a low-privilege user account is required - confirmed by the CVSS 4.0 vector's AV:L and PR:L metrics. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 base score of 1.9 (Very Low) accurately reflects a tightly scoped threat: local attack vector, low privileges required, no confidentiality or integrity impact, and only limited availability impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A local attacker holding a low-privilege account on a developer workstation or CI/CD build host crafts a malicious LLVM IR file engineered to overflow the stack buffer in llvm::StringMap::insert during symbol table processing. The attacker submits this file to an LLVM-based tool such as llc, opt, or a Clang pipeline, causing the LLVM process to crash and disrupting any ongoing or automated compilation workload. …
Remediation No vendor-released patch has been identified at time of analysis - the LLVM project had not publicly responded to the GitHub disclosure at https://github.com/llvm/llvm-project/issues/199187 as of the reporting date. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-13573 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy