CVE-2026-6654 - CERT CVE

  1. CVE-2026-6654

ID CVE-2026-6654
Sažetak Double-Free / Use-After-Free (UAF) in the `IntoIter::drop` and `ThinVec::clear` functions in the thin_vec crate. A panic in `ptr::drop_in_place` skips setting the length to zero.
Reference
CVSS
Base: 5.1
Impact: 2.5
Exploitability:2.5
Pristup
VektorSloženostAutentikacija
LOCAL LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
LOW LOW NONE
CVSS vektor CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Zadnje važnije ažuriranje 20-04-2026 - 19:05
Objavljeno 20-04-2026 - 11:16