CVE-2026-22188
- EPSS 0.17%
- Veröffentlicht 07.01.2026 20:26:13
- Zuletzt bearbeitet 26.05.2026 14:16:28
The deploy-stub component in Panda3D versions up to and including 1.10.16 contains a denial of service vulnerability due to unbounded stack allocation. The deploy-stub executable allocates argv_copy and argv_copy2 using alloca() based directly on the...
CVE-2026-22190
- EPSS 0.31%
- Veröffentlicht 07.01.2026 20:25:56
- Zuletzt bearbeitet 26.05.2026 14:16:28
The egg-mkfont utility in Panda3D versions up to and including 1.10.16 contains an uncontrolled format string vulnerability. The -gp (glyph pattern) command-line option is used directly as the format string for sprintf() with only a single argument s...
CVE-2026-22189
- EPSS 0.44%
- Veröffentlicht 07.01.2026 20:25:37
- Zuletzt bearbeitet 26.05.2026 14:16:28
The egg-mkfont utility in Panda3D versions up to and including 1.10.16 contains a stack-based buffer overflow vulnerability due to use of an unbounded sprintf() call with attacker-controlled input. When constructing glyph filenames, egg-mkfont format...