CVE-2026-2653

Sažetak

A security flaw has been discovered in admesh up to 0.98.5. This issue affects the function stl_check_normal_vector of the file src/normals.c. Performing a manipulation results in heap-based buffer overflow. The attack must be initiated from a local position. The exploit has been released to the public and may be used for attacks. It looks like this product is not really maintained anymore.

Reference

https://github.com/admesh/admesh/
https://github.com/admesh/admesh/issues/65
https://github.com/admesh/admesh/issues/65#issuecomment-3804571402
https://github.com/user-attachments/files/24878279/id.000035.sig.06.src.000550.time.910126.execs.241742.op.havoc.rep.5.zip
https://vuldb.com/?ctiid.346450
https://vuldb.com/?id.346450
https://vuldb.com/?submit.752596

CVSS

Base:	4.3
Impact:	6.4
Exploitability:	3.1

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

20-02-2026 - 16:16

Objavljeno

18-02-2026 - 11:16