Threats Tagged 'cve-2026-40489'
View all threats tagged with 'cve-2026-40489'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-40489'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-40489: CWE-121: Stack-based Buffer Overflow in editorconfig editorconfig-core-cCVE-2026-40489 0 editorconfig-core-c is an EditorConfig core library for use by plugins supporting EditorConfig parsing. Versions up to and including 0.12.10 have a stack-based buffer overflow in ec_glob() that allows an attacker to crash any application using libeditorconfig by providing a specially crafted directory structure and .editorconfig file. This is an incomplete fix for CVE-2023-0341. The pcre_str buffer was protected in 0.12.6 but the adjacent l_pattern[8194] stack buffer received no equivalent protection. On Ubuntu 24.04, FORTIFY_SOURCE converts the overflow to SIGABRT (DoS). Version 0.12.11 contains an updated fix. Join the discussion | CVE Database V5 | 04/18/2026, 01:24:57 UTC Added: 04/18/2026, 01:38:08 UTC |
Showing 1 to 1 of 1 result