CVE-2026-24805

Source
https://cve.org/CVERecord?id=CVE-2026-24805
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-24805.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-24805
Published
2026-01-27T08:41:18.867Z
Modified
2026-07-08T07:07:16.724648827Z
Severity
  • 6.7 (Medium) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:D/RE:L/U:Amber CVSS Calculator
Summary
Mishandles certain out-of-memory conditions in visualfc/liteide via liteidex/src/3rdparty/libvterm/src module
Details

NULL Pointer Dereference vulnerability in visualfc liteide (liteidex/src/3rdparty/libvterm/src modules). This vulnerability is associated with program files screen.C, state.C, vterm.C.

This issue affects liteide: before x38.4.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/24xxx/CVE-2026-24805.json",
    "cwe_ids": [
        "CWE-476"
    ],
    "cna_assigner": "GovTech CSG"
}
References

Affected packages

Git / github.com/visualfc/liteide

Affected ranges

Type
GIT
Repo
https://github.com/visualfc/liteide
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "x38.4"
        }
    ],
    "source": [
        "AFFECTED_FIELD",
        "DESCRIPTION"
    ]
}

Affected versions

Other
X25
x15
x16
x17
x18
x19
x25
x26
x27
x28
x29
x30
x31
x32
x33
x34
x35
x36
x37
x15.*
x15.1
x15.2
x18.*
x18.1
x18.2
x25.*
x25.1
x25.2
x27.*
x27.1
x27.2
x27.2.1
x30.*
x30.1
x30.2
x30.3
x31.*
x31.1
x32.*
x32.1
x32.2
x33.*
x33.1
x33.2
x33.3
x34.*
x34.1
x34.2
x34.3
x35.*
x35.1
x35.2
x35.3
x35.4
x35.5
x36.*
x36.1
x36.2
x36.3
x37.*
x37.1
x37.2
x37.3
x37.4
x38.*
x38.0
x38.1
x38.2
x38.2.1
x38.3

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-24805.json"