CVE-2026-11463

Source
https://cve.org/CVERecord?id=CVE-2026-11463
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-11463.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-11463
Published
2026-06-07T22:15:12.845Z
Modified
2026-07-08T07:46:35.828678806Z
Severity
  • 2.9 (Low) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P CVSS Calculator
Summary
USCiLab Cereal Shared Pointer type confusion
Details

A vulnerability was determined in USCiLab Cereal up to 1.3.2. Affected is an unknown function of the component Shared Pointer Handler. Executing a manipulation can lead to type confusion. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/11xxx/CVE-2026-11463.json",
    "cna_assigner": "VulDB",
    "cwe_ids": [
        "CWE-843"
    ]
}
References

Affected packages

Git / github.com/uscilab/cereal

Affected ranges

Type
GIT
Repo
https://github.com/uscilab/cereal
Events
Database specific
{
    "source": "AFFECTED_FIELD",
    "extracted_events": [
        {
            "introduced": "1.3.0"
        },
        {
            "last_affected": "1.3.0"
        },
        {
            "introduced": "1.3.1"
        },
        {
            "last_affected": "1.3.1"
        },
        {
            "introduced": "1.3.2"
        },
        {
            "last_affected": "1.3.2"
        }
    ]
}

Affected versions

1.*
1.3.0
1.3.1
1.3.2
v1.*
v1.3.0
v1.3.1
v1.3.2

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-11463.json"