CVE-2026-29974: n/a
An issue was discovered in kosma minmea 0.3.0. The minmea_scan functions format specifier copies NMEA field data to a caller-provided buffer without a size parameter. Applications using minmea_scan on untrusted input are vulnerable to a stack buffer overflow.
AI Analysis
Technical Summary
The vulnerability in kosma minmea 0.3.0 involves the minmea_scan functions which use format specifiers to copy NMEA field data into buffers without size constraints. This lack of bounds checking can cause a stack buffer overflow when handling untrusted input data. The vulnerability is publicly known but lacks a CVSS score and no official fix or patch information is available. Exploitation could result in memory corruption or potential code execution depending on the context of use.
Potential Impact
Applications using the vulnerable minmea_scan functions on untrusted input are susceptible to stack buffer overflow, which may lead to memory corruption. No specific impact details such as remote code execution or denial of service are provided. No known exploits have been reported in the wild.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a fix is available, users should avoid processing untrusted input with the vulnerable minmea_scan functions or implement manual input validation and bounds checking to mitigate overflow risk.
CVE-2026-29974: n/a
Description
An issue was discovered in kosma minmea 0.3.0. The minmea_scan functions format specifier copies NMEA field data to a caller-provided buffer without a size parameter. Applications using minmea_scan on untrusted input are vulnerable to a stack buffer overflow.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability in kosma minmea 0.3.0 involves the minmea_scan functions which use format specifiers to copy NMEA field data into buffers without size constraints. This lack of bounds checking can cause a stack buffer overflow when handling untrusted input data. The vulnerability is publicly known but lacks a CVSS score and no official fix or patch information is available. Exploitation could result in memory corruption or potential code execution depending on the context of use.
Potential Impact
Applications using the vulnerable minmea_scan functions on untrusted input are susceptible to stack buffer overflow, which may lead to memory corruption. No specific impact details such as remote code execution or denial of service are provided. No known exploits have been reported in the wild.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a fix is available, users should avoid processing untrusted input with the vulnerable minmea_scan functions or implement manual input validation and bounds checking to mitigate overflow risk.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- mitre
- Date Reserved
- 2026-03-04T00:00:00.000Z
- Cvss Version
- null
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69fe067ecbff5d8610f6727e
Added to database: 5/8/2026, 3:51:26 PM
Last enriched: 5/8/2026, 4:08:02 PM
Last updated: 5/9/2026, 5:54:45 AM
Views: 6
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.