Severity by source
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
5DescriptionCVE.org
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms.This issue affects rapidvms: before PR#96.
AnalysisAI
RapidVMS before PR#96 contains a buffer overflow vulnerability that allows unauthenticated remote attackers to achieve code execution, data theft, or system compromise with minimal user interaction. The flaw stems from improper memory bounds checking and carries a high CVSS score of 8.8 with network-based attack vectors. A patch is available to address this critical memory safety issue.
Technical ContextAI
This vulnerability is a classic buffer overflow (CWE-119) affecting the rapidvms video management system from linkingvision. The affected product is identified via CPE as cpe:2.3:a:linkingvision:rapidvms. CWE-119 represents improper restriction of operations within memory buffer bounds, which typically occurs when software writes data beyond allocated buffer boundaries, allowing attackers to overwrite adjacent memory regions. This can lead to arbitrary code execution, denial of service, or information disclosure. RapidVMS is an open-source video management system, and the vulnerability exists in the core application code that handles memory operations incorrectly.
RemediationAI
Apply the vendor patch by merging or updating to rapidvms with pull request #96 incorporated, available at https://github.com/linkingvision/rapidvms/pull/96. Organizations should immediately update their rapidvms installations to include this security fix. As an interim mitigation until patching is complete, restrict network access to rapidvms interfaces to trusted IP ranges only, implement additional authentication layers, and educate users about the risks of interacting with untrusted content within the VMS interface since user interaction is required for exploitation. Monitor for unusual memory consumption or application crashes that could indicate exploitation attempts.
RapidVMS before patch PR#96 contains a buffer overflow vulnerability that allows remote attackers to execute arbitrary c
This is a memory buffer boundary restriction vulnerability (buffer overflow) in LinkingVision RapidVMS that allows an at
Same weakness CWE-119 – Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-14750