CVE-2026-40494: CWE-787: Out-of-bounds Write in HappySeaFox sail
CVE-2026-40494 is a critical out-of-bounds write vulnerability in the HappySeaFox sail library's TGA codec RLE decoder. The flaw exists in the raw-packet path of the decoder, where a missing bounds check allows writing up to 496 bytes beyond the heap buffer. This vulnerability can lead to severe impacts including arbitrary code execution or application crashes. The issue was fixed in commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302. The vulnerability has a CVSS score of 9. 8, indicating a critical severity level. No known exploits are reported in the wild. Patch status is not explicitly confirmed in the provided data, so users should verify the vendor repository for the fixed commit.
AI Analysis
Technical Summary
The HappySeaFox sail library, used for image loading and saving, contained an out-of-bounds write vulnerability (CWE-787) in its TGA codec's RLE decoder. Specifically, the raw-packet decoding path lacked proper bounds checking, allowing an attacker to write up to 496 bytes beyond the allocated heap buffer. This flaw was addressed in commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302. The vulnerability is remotely exploitable without privileges or user interaction and has a CVSS 3.1 base score of 9.8, reflecting high impact on confidentiality, integrity, and availability.
Potential Impact
Successful exploitation of this vulnerability can lead to arbitrary code execution, data corruption, or denial of service due to heap buffer overflow. The critical CVSS score (9.8) reflects the potential for full system compromise when processing malicious TGA images using affected versions of the sail library prior to the fixed commit.
Mitigation Recommendations
The vulnerability is fixed in commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302. Users and developers should update to this commit or a later version that includes the fix. Since no official vendor advisory or patch link is provided, verify the fix directly in the HappySeaFox sail project repository. Patch status is not yet confirmed by a vendor advisory; users should monitor official sources for formal updates.
CVE-2026-40494: CWE-787: Out-of-bounds Write in HappySeaFox sail
Description
CVE-2026-40494 is a critical out-of-bounds write vulnerability in the HappySeaFox sail library's TGA codec RLE decoder. The flaw exists in the raw-packet path of the decoder, where a missing bounds check allows writing up to 496 bytes beyond the heap buffer. This vulnerability can lead to severe impacts including arbitrary code execution or application crashes. The issue was fixed in commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302. The vulnerability has a CVSS score of 9. 8, indicating a critical severity level. No known exploits are reported in the wild. Patch status is not explicitly confirmed in the provided data, so users should verify the vendor repository for the fixed commit.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The HappySeaFox sail library, used for image loading and saving, contained an out-of-bounds write vulnerability (CWE-787) in its TGA codec's RLE decoder. Specifically, the raw-packet decoding path lacked proper bounds checking, allowing an attacker to write up to 496 bytes beyond the allocated heap buffer. This flaw was addressed in commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302. The vulnerability is remotely exploitable without privileges or user interaction and has a CVSS 3.1 base score of 9.8, reflecting high impact on confidentiality, integrity, and availability.
Potential Impact
Successful exploitation of this vulnerability can lead to arbitrary code execution, data corruption, or denial of service due to heap buffer overflow. The critical CVSS score (9.8) reflects the potential for full system compromise when processing malicious TGA images using affected versions of the sail library prior to the fixed commit.
Mitigation Recommendations
The vulnerability is fixed in commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302. Users and developers should update to this commit or a later version that includes the fix. Since no official vendor advisory or patch link is provided, verify the fix directly in the HappySeaFox sail project repository. Patch status is not yet confirmed by a vendor advisory; users should monitor official sources for formal updates.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-04-13T19:50:42.115Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69e2ee8ebdfbbecc59cda5df
Added to database: 4/18/2026, 2:38:06 AM
Last enriched: 4/18/2026, 2:53:04 AM
Last updated: 4/18/2026, 3:40:09 AM
Views: 6
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.