CVE-2026-24820

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2026-24820

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-24820.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2026-24820

Published

2026-01-27T09:15:52.663Z

Modified

2026-04-10T05:45:25.279737Z

Severity

5.1 (Medium) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:C/RE:L/U:Amber CVSS Calculator

Summary

[none]

Details

Out-of-bounds Read vulnerability in turanszkij WickedEngine (WickedEngine/LUA modules). This vulnerability is associated with program files ldebug.C.

This issue affects WickedEngine: before 0.71.705.

References

https://github.com/turanszkij/WickedEngine/pull/1054

Affected packages

Git / github.com/turanszkij/WickedEngine

Affected ranges

Type

GIT

Repo

https://github.com/turanszkij/WickedEngine

Events

Introduced

Fixed

872cac1c6143e1887e2f9b9302c1eb5c3b586ef7

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "0.71.705"
        }
    ]
}

Affected versions

0.*

0.12.2

0.56.34

v0.*

v0.42.2

v0.48.0

v0.49.1

v0.51.18

v0.59.3

v0.60.4

v0.60.61

v0.60.84

v0.70.0

v0.70.18

v0.71.100

v0.71.124

v0.71.137

v0.71.143

v0.71.176

v0.71.190

v0.71.195

v0.71.219

v0.71.239

v0.71.272

v0.71.285

v0.71.312

v0.71.338

v0.71.34

v0.71.354

v0.71.385

v0.71.392

v0.71.422

v0.71.446

v0.71.47

v0.71.473

v0.71.501

v0.71.531

v0.71.532

v0.71.563

v0.71.585

v0.71.613

v0.71.624

v0.71.645

v0.71.672

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-24820.json"