Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Local-only vector with low-privilege access required to invoke LLVM tools; stack overflow produces a crash with no confidentiality or integrity impact.
Primary rating from Vendor (VulDB).
CVSS VectorVendor: VulDB
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
A vulnerability was found in llvm llvm-project up to 22.1.6. This affects the function llvm::StringMap::insert in the library /lib/IR/ValueSymbolTable.cpp of the component ValueSymbolTable Module. The manipulation results in stack-based buffer overflow. Attacking locally is a requirement. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.
AnalysisAI
Stack-based buffer overflow in LLVM's ValueSymbolTable module (llvm-project versions up to 22.1.6) allows a local, low-privileged attacker to crash the LLVM process by triggering a malformed invocation of llvm::StringMap::insert in /lib/IR/ValueSymbolTable.cpp, resulting in limited availability impact only - no confidentiality or integrity compromise is indicated by the CVSS 4.0 vector. A proof-of-concept exploit has been publicly released, lowering the barrier to triggering the crash in affected developer or CI/CD environments. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Local, authenticated access with at least a low-privilege user account is required - confirmed by the CVSS 4.0 vector's AV:L and PR:L metrics. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 base score of 1.9 (Very Low) accurately reflects a tightly scoped threat: local attack vector, low privileges required, no confidentiality or integrity impact, and only limited availability impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | A local attacker holding a low-privilege account on a developer workstation or CI/CD build host crafts a malicious LLVM IR file engineered to overflow the stack buffer in llvm::StringMap::insert during symbol table processing. The attacker submits this file to an LLVM-based tool such as llc, opt, or a Clang pipeline, causing the LLVM process to crash and disrupting any ongoing or automated compilation workload. … |
| Remediation | No vendor-released patch has been identified at time of analysis - the LLVM project had not publicly responded to the GitHub disclosure at https://github.com/llvm/llvm-project/issues/199187 as of the reporting date. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Llvm Project
View allSame weakness CWE-121 – Stack-based Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-40115
GHSA-p6v6-grg5-r9mw