CWE-121— Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).— MITRE CWE catalog
3,273 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-121page 60 of 66
- CVE-2026-15693HIGHCVSS 8.8EG 8.82026-07-14
A security vulnerability has been detected in Tenda BE12 Pro 16.03.66.23. This issue affects the function fromSafeMacFilter of the file /goform/SafeMacFilter. The manipulation of the argument page leads to stack-based buffer overflow. It i…
- CVE-2026-15694HIGHCVSS 8.8EG 8.82026-07-14
A vulnerability was detected in Tenda BE12 Pro 16.03.66.23. Impacted is the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page results in stack-based buffer overflow. It is possible to launch the at…
- CVE-2026-15695HIGHCVSS 8.8EG 8.82026-07-14
A flaw has been found in Tenda BE12 Pro 16.03.66.23. The affected element is the function fromDhcpListClient of the file /goform/DhcpListClient. This manipulation of the argument page causes stack-based buffer overflow. The attack can be i…
- CVE-2026-15696HIGHCVSS 8.8EG 8.82026-07-14
A vulnerability has been found in Tenda BE12 Pro 16.03.66.23. The impacted element is the function fromVirtualSer of the file /goform/VirtualSer. Such manipulation of the argument page leads to stack-based buffer overflow. The attack can b…
- CVE-2026-1637HIGHCVSS 8.8EG 8.82026-01-29
A vulnerability was identified in Tenda AC21 16.03.08.16. The affected element is the function fromAdvSetMacMtuWan of the file /goform/AdvSetMacMtuWan. The manipulation leads to stack-based buffer overflow. Remote exploitation of the attac…
- CVE-2026-1761HIGHCVSS 8.6EG 8.62026-02-02
A flaw was found in libsoup. This stack-based buffer overflow vulnerability occurs during the parsing of multipart HTTP responses due to an incorrect length calculation. A remote attacker can exploit this by sending a specially crafted mul…
- CVE-2026-1871MEDIUMCVSS 6.5EG 6.52026-06-02
TP-Link Tapo C200 v5 contains a stack-based buffer overflow flaw in RTSP authentication handling due to improper validation of Authorization header field lengths, which can be triggered by a crafted authentication request. Successful expl…
- CVE-2026-1950CRITICALCVSS 9.8EG 9.82026-04-24
Delta Electronics AS320T has No checking of the length of the buffer with the file name vulnerability.
- CVE-2026-1951CRITICALCVSS 9.8EG 9.82026-04-24
Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability.
- CVE-2026-2016MEDIUMCVSS 5.3EG 5.32026-02-06
A security vulnerability has been detected in happyfish100 libfastcommon up to 1.0.84. Affected by this vulnerability is the function base64_decode of the file src/base64.c. The manipulation leads to stack-based buffer overflow. Local acce…
- CVE-2026-2017CRITICALCVSS 9.8EG 9.82026-02-06
A vulnerability was detected in IP-COM W30AP up to 1.0.0.11(1340). Affected by this issue is the function R7WebsSecurityHandler of the file /goform/wx3auth of the component POST Request Handler. The manipulation of the argument data result…
- CVE-2026-2069LOWCVSS 3.3EG 3.32026-02-06
A flaw has been found in ggml-org llama.cpp up to 55abc39. Impacted is the function llama_grammar_advance_stack of the file llama.cpp/src/llama-grammar.cpp of the component GBNF Grammar Handler. This manipulation causes stack-based buffer …
- CVE-2026-20797MEDIUMCVSS 4.3EG 4.32026-02-27
A stack based buffer overflow exists in an API route of XWEB Pro version 1.12.1 and prior, enabling unauthenticated attackers to cause stack corruption and a termination of the program.
- CVE-2026-21224HIGHCVSS 7.8EG 7.82026-01-13
Stack-based buffer overflow in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.
- CVE-2026-2180HIGHCVSS 8.8EG 8.82026-02-08
A vulnerability was identified in Tenda RX3 16.03.13.11. Affected is an unknown function of the file /goform/fast_setting_wifi_set. Such manipulation of the argument ssid_5g leads to stack-based buffer overflow. The attack can be launched …
- CVE-2026-2181HIGHCVSS 8.8EG 8.82026-02-08
A security flaw has been discovered in Tenda RX3 16.03.13.11. Affected by this vulnerability is an unknown functionality of the file /goform/openSchedWifi. Performing a manipulation of the argument schedStartTime/schedEndTime results in st…
- CVE-2026-2185HIGHCVSS 8.8EG 8.82026-02-08
A flaw has been found in Tenda RX3 16.03.13.11. This issue affects the function set_device_name of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. This manipulation of the argument devName/mac causes st…
- CVE-2026-2186HIGHCVSS 8.8EG 8.82026-02-08
A vulnerability has been found in Tenda RX3 16.03.13.11. Impacted is the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such manipulation of the argument list leads to stack-based buffer overflow. The attack may be performed f…
- CVE-2026-2187HIGHCVSS 8.8EG 8.82026-02-08
A vulnerability was found in Tenda RX3 16.03.13.11. The affected element is the function set_qosMib_list of the file /goform/formSetQosBand. Performing a manipulation of the argument list results in stack-based buffer overflow. It is possi…
- CVE-2026-21903MEDIUMCVSS 6.5EG 6.52026-01-15
A Stack-based Buffer Overflow vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a network-based attacker, authenticated with low privileges to cause a Denial-of-Service (DoS). Subscribing to telem…
- CVE-2026-2191HIGHCVSS 7.2EG 7.22026-02-08
A weakness has been identified in Tenda AC9 15.03.06.42_multi. Affected is the function formGetDdosDefenceList. This manipulation of the argument security.ddos.map causes stack-based buffer overflow. The attack may be initiated remotely. T…
- CVE-2026-2192HIGHCVSS 7.2EG 7.22026-02-08
A security vulnerability has been detected in Tenda AC9 15.03.06.42_multi. Affected by this vulnerability is the function formGetRebootTimer. Such manipulation of the argument sys.schedulereboot.start_time/sys.schedulereboot.end_time leads…
- CVE-2026-22189CRITICALCVSS 9.8EG 9.82026-01-07
The egg-mkfont utility in Panda3D versions up to and including 1.10.16 contains a stack-based buffer overflow vulnerability due to use of an unbounded sprintf() call with attacker-controlled input. When constructing glyph filenames, egg-mk…
- CVE-2026-22212MEDIUMCVSS 4.8EG 4.82026-01-12
TinyOS versions up to and including 2.1.2 contain a stack-based buffer overflow vulnerability in the mcp2200gpio utility. The vulnerability is caused by unsafe use of strcpy() and strcat() functions when constructing device paths during au…
- CVE-2026-22213CRITICALCVSS 9.8EG 9.82026-01-12
RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the tapslip6 utility. The vulnerability is caused by unsafe string concatenation in the devopen() function, which constructs a de…
- CVE-2026-22214CRITICALCVSS 9.8EG 9.82026-01-12
RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the ethos utility due to missing bounds checking when processing incoming serial frame data. The vulnerability occurs in the _han…
- CVE-2026-22262MEDIUMCVSS 5.9EG 5.92026-01-27
Suricata is a network IDS, IPS and NSM engine. While saving a dataset a stack buffer is used to prepare the data. Prior to versions 8.0.3 and 7.0.14, if the data in the dataset is too large, this can result in a stack overflow. Versions 8.…
- CVE-2026-22903CRITICALCVSS 9.8EG 9.82026-02-09
An unauthenticated remote attacker can send a crafted HTTP request containing an overly long SESSIONID cookie. This can trigger a stack buffer overflow in the modified lighttpd server, causing it to crash and potentially enabling remote co…
- CVE-2026-22904CRITICALCVSS 9.8EG 9.82026-02-09
Improper length handling when parsing multiple cookie fields (including TRACKID) allows an unauthenticated remote attacker to send oversized cookie values and trigger a stack buffer overflow, resulting in a denial‑of‑service condition …
- CVE-2026-22923HIGHCVSS 7.8EG 7.82026-02-10
A vulnerability has been identified in NX (All versions < V2512), NX (Managed Mode) (All versions < V2512). The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with …
- CVE-2026-23747LOWCVSS 3.7EG 3.72026-02-26
Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit 48f521b, contain a stack-based buffer overflow in Payload Utils. The golioth_payload_as_int() and golioth_payload_as_float() helpers copy network-supplied payload data i…
- CVE-2026-24085HIGHCVSS 7.2EG 7.22026-06-01
Memory Corruption when processing display command line information due to improper initialization of a variable.
- CVE-2026-24465CRITICALCVSS 9.8EG 9.82026-02-03
Stack-based buffer overflow vulnerability exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution.
- CVE-2026-24881CRITICALCVSS 9.8EG 8.12026-01-27
In GnuPG before 2.5.17, a crafted CMS (S/MIME) EnvelopedData message carrying an oversized wrapped session key can cause a stack-based buffer overflow in gpg-agent during PKDECRYPT--kem=CMS handling. This can easily be leveraged for denial…
- CVE-2026-24882HIGHCVSS 7.8EG 8.42026-01-27
In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys.
- CVE-2026-25268HIGHCVSS 8.8EG 8.82026-07-06
Memory Corruption when processing invalid HT40 channel layouts during dynamic channel switching operations.
- CVE-2026-25502HIGHCVSS 7.8EG 7.82026-02-03
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, stack-based buffer overflow in icFixXml() function when processing malfo…
- CVE-2026-25584HIGHCVSS 7.8EG 7.82026-02-04
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a stack-buffer-overflow vulnerability in CIccTagFloatNum<>::Get…
- CVE-2026-2565MEDIUMCVSS 6.6EG 6.62026-02-16
A weakness has been identified in Wavlink WL-NU516U1 20251208. Affected by this issue is the function sub_40785C of the file /cgi-bin/adm.cgi. This manipulation of the argument time_zone causes stack-based buffer overflow. The attack can b…
- CVE-2026-2566HIGHCVSS 7.2EG 7.22026-02-16
A security vulnerability has been detected in Wavlink WL-NU516U1 up to 130/260. This affects the function sub_406194 of the file /cgi-bin/adm.cgi. Such manipulation of the argument firmware_url leads to stack-based buffer overflow. The att…
- CVE-2026-2567HIGHCVSS 7.2EG 7.22026-02-16
A vulnerability was detected in Wavlink WL-NU516U1 20251208. This vulnerability affects the function sub_401218 of the file /cgi-bin/nas.cgi. Performing a manipulation of the argument User1Passwd results in stack-based buffer overflow. The…
- CVE-2026-25727MEDIUMCVSS 6.5EG 6.52026-02-06
time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relie…
- CVE-2026-25823CRITICALCVSS 9.8EG 9.82026-03-13
HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 have a stack buffer overflow that leads to a Denial of Service, which can also be exploited to achiev…
- CVE-2026-25833HIGHCVSS 7.5EG 7.52026-04-01
Mbed TLS 3.5.0 to 3.6.5 fixed in 3.6.6 and 4.1.0 has a buffer overflow in the x509_inet_pton_ipv6() function
- CVE-2026-25967HIGHCVSS 7.4EG 7.42026-02-24
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a stack-based buffer overflow exists in the ImageMagick FTXT image reader. A crafted FTXT file can cause out-of-bound…
- CVE-2026-25968CRITICALCVSS 9.8EG 9.82026-02-24
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a stack buffer overflow occurs when processing the an attribute in msl.c. A long value overflows a fix…
- CVE-2026-26239HIGHCVSS 8.1EG 8.12026-06-10
A buffer overflow vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in…
- CVE-2026-26240CRITICALCVSS 9.1EG 9.12026-06-10
A buffer overflow vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Fil…
- CVE-2026-26241CRITICALCVSS 9.1EG 9.12026-06-10
A buffer overflow vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Fil…
- CVE-2026-26269MEDIUMCVSS 5.4EG 5.42026-02-13
Vim is an open source, command line text editor. Prior to 9.1.2148, a stack buffer overflow vulnerability exists in Vim's NetBeans integration when processing the specialKeys command, affecting Vim builds that enable and use the NetBeans f…
Map vulnerabilities like CWE-121 to your infrastructure
EchelonGraph correlates every CVE — across CWE-121 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →