Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2026-5314

Опубликовано: 03 апр. 2026
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5
CVSS3: 4.3

Описание

A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

РелизСтатусПримечание
devel

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

jammy

needs-triage

noble

needs-triage

questing

needs-triage

upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 10%
0.00033
Низкий

5 Medium

CVSS2

4.3 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2026-5314

CVSS3: 6.5
redhat
6 дней назад

A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

nvd логотип

CVE-2026-5314

CVSS3: 4.3
nvd
6 дней назад

A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

debian логотип

CVE-2026-5314

CVSS3: 4.3
debian
6 дней назад

A vulnerability was found in Nothings stb up to 1.26. Impacted is the ...

github логотип

GHSA-x46x-p265-r7jv

CVSS3: 4.3
github
6 дней назад

A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

EPSS

Процентиль: 10%
0.00033
Низкий

5 Medium

CVSS2

4.3 Medium

CVSS3