VDB

GHSA-x24c-w26v-w8jg

GHSA-x24c-w26v-w8jg PUBLISHED CVSS 9.800000190734863 CRITICAL

In the Eclipse OMR port library component since release 0.2.0, an API function to return the textual names of all supported processor features was not accounting for the separator inserted between processor features. If the output buffer supplied to this function was incorrectly sized, failing to account for the separator when determining when a write to the buffer was safe could lead to a buffer overflow. This issue is fixed in Eclipse OMR version 0.8.0.

Risk Scores

CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

  • Jan 29, 2026 CVE Published
  • Feb 9, 2026 CVE Updated
  • Apr 10, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›