uuid CVE-2026-41988

EUVD-2026-25190 LOW

Always-Incorrect Control Flow Implementation (CWE-670)

2026-04-23 mitre

GHSA-qmq6-f8pr-cx5x

Information Disclosure

3.2

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

Attack Vector

Local

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

Low

Availability

None

Lifecycle Timeline

Analysis Generated

Apr 23, 2026 - 07:01 vuln.today

Patch available

Apr 23, 2026 - 06:16 EUVD

DescriptionNVD

uuid before 14.0.0 can make unexpected writes when external output buffers are used, and the UUID version is 3, 5, or 6. In particular, UUID version 4, which is very commonly used, is unaffected by this issue.

AnalysisAI

UUID library versions before 14.0.0 make unexpected writes to external output buffers when generating UUID versions 3, 5, or 6, potentially corrupting adjacent memory. UUID version 4, the most commonly deployed variant, is unaffected. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-41988 vulnerability details – vuln.today

Back

uuid CVE-2026-41988

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Full analysis requires sign-in

Share

External POC / Exploit Code