Skip to main content

Cfs

2 CVEs product

Monthly

CVE-2026-5476 LOW Monitor

Integer overflow in NASA cFS CFE_TBL_ValidateCodecLoadSize function (cfe_tbl_passthru_codec.c) on 32-bit systems allows authenticated local attackers with low privileges to cause limited integrity and availability impact, though exploitation requires high attack complexity and no public exploit code has been identified; a fix is planned for an upcoming release milestone.

Integer Overflow Buffer Overflow Cfs
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-5475 MEDIUM This Month

Memory corruption in NASA cFS up to version 7.0.0 via manipulation of the CFE_SB_TransmitMsg function in the CCSDS Header Size Handler component allows local attackers with low privileges to corrupt memory, potentially leading to denial of service or information disclosure. No public exploit code or active exploitation has been confirmed; the vendor was notified early but has not yet released a patch as of analysis time.

Buffer Overflow Cfs
NVD VulDB GitHub
CVSS 4.0
5.1
EPSS
0.0%
EPSS 0% CVSS 2.1
LOW Monitor

Integer overflow in NASA cFS CFE_TBL_ValidateCodecLoadSize function (cfe_tbl_passthru_codec.c) on 32-bit systems allows authenticated local attackers with low privileges to cause limited integrity and availability impact, though exploitation requires high attack complexity and no public exploit code has been identified; a fix is planned for an upcoming release milestone.

Integer Overflow Buffer Overflow Cfs
NVD VulDB GitHub
EPSS 0% CVSS 5.1
MEDIUM This Month

Memory corruption in NASA cFS up to version 7.0.0 via manipulation of the CFE_SB_TransmitMsg function in the CCSDS Header Size Handler component allows local attackers with low privileges to corrupt memory, potentially leading to denial of service or information disclosure. No public exploit code or active exploitation has been confirmed; the vendor was notified early but has not yet released a patch as of analysis time.

Buffer Overflow Cfs
NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy