CVE-2026-24821

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2026-24821

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-24821.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2026-24821

Published

2026-01-27T09:15:52.797Z

Modified

2026-03-13T04:10:22.674051Z

Severity

9.3 (Critical) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:H/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:D/RE:M/U:Amber CVSS Calculator

Summary

[none]

Details

Out-of-bounds Read vulnerability in turanszkij WickedEngine (WickedEngine/LUA modules). This vulnerability is associated with program files lparser.C.

This issue affects WickedEngine: through 0.71.727.

References

https://github.com/turanszkij/WickedEngine/pull/1095

Affected packages

Git / github.com/turanszkij/WickedEngine

Affected ranges

Type

GIT

Repo

https://github.com/turanszkij/WickedEngine

Events

Introduced

Last affected

bc128fe6eb9e898ac4478a4446af9519087905f2

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "0.71.727."
        }
    ]
}

Affected versions

0.*

0.12.2

0.56.34

v0.*

v0.42.2

v0.48.0

v0.49.1

v0.51.18

v0.59.3

v0.60.4

v0.60.61

v0.60.84

v0.70.0

v0.70.18

v0.71.100

v0.71.124

v0.71.137

v0.71.143

v0.71.176

v0.71.190

v0.71.195

v0.71.219

v0.71.239

v0.71.272

v0.71.285

v0.71.312

v0.71.338

v0.71.34

v0.71.354

v0.71.385

v0.71.392

v0.71.422

v0.71.446

v0.71.47

v0.71.473

v0.71.501

v0.71.531

v0.71.532

v0.71.563

v0.71.585

v0.71.613

v0.71.624

v0.71.645

v0.71.672

v0.71.705

v0.71.711

v0.71.727

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-24821.json"