Skip to main content

Zenc

1 CVEs product

Monthly

CVE-2026-33491 HIGH PATCH This Week

The Zen C compiler (versions prior to 0.4.4) crashes or enables arbitrary code execution when processing maliciously crafted .zc source files containing excessively long identifiers for structs, functions, or traits, triggering a stack-based buffer overflow (CWE-121). A proof-of-concept exploit exists per SSVC assessment, though attack complexity remains moderate as it requires local access and user interaction (CVSS:3.1/AV:L/AC:L/PR:N/UI:R). Vendor-released patch: version 0.4.4.

Buffer Overflow RCE Stack Overflow Zenc
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.0%
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The Zen C compiler (versions prior to 0.4.4) crashes or enables arbitrary code execution when processing maliciously crafted .zc source files containing excessively long identifiers for structs, functions, or traits, triggering a stack-based buffer overflow (CWE-121). A proof-of-concept exploit exists per SSVC assessment, though attack complexity remains moderate as it requires local access and user interaction (CVSS:3.1/AV:L/AC:L/PR:N/UI:R). Vendor-released patch: version 0.4.4.

Buffer Overflow RCE Stack Overflow +1
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy