CVE-2026-24822

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2026-24822

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-24822.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2026-24822

Published

2026-01-27T09:15:52.937Z

Modified

2026-03-13T04:10:24.038726Z

Severity

10.0 (Critical) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:D/RE:M/U:Red CVSS Calculator

Summary

[none]

Details

Out-of-bounds Write, Heap-based Buffer Overflow vulnerability in ttttupup wxhelper (src modules). This vulnerability is associated with program files mongoose.C.

This issue affects wxhelper: through 3.9.10.19-v1.

References

https://github.com/ttttupup/wxhelper/pull/515

Affected packages

Git / github.com/ttttupup/wxhelper

Affected ranges

Type

GIT

Repo

https://github.com/ttttupup/wxhelper

Events

Introduced

Last affected

c58293edc5ef4c68fd1bee1a59cfe7bbd19201b5

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.9.10.19-v1."
        }
    ]
}

Affected versions

3.*

3.8.1.26-V1

3.8.1.26-V2

3.8.1.26-V3

3.8.1.26-V4

3.8.1.26-V5

3.8.1.26-V6

3.8.1.26-V7

3.9.0.28-V1

3.9.0.28-V10

3.9.0.28-V11

3.9.0.28-V12

3.9.0.28-V13

3.9.0.28-V2

3.9.0.28-V3

3.9.0.28-V4

3.9.0.28-V5

3.9.0.28-V6

3.9.0.28-V7

3.9.0.28-V8

3.9.0.28-V9

3.9.10.19-v1

3.9.2.23-V1

3.9.2.23-V2

3.9.2.23-V3

3.9.2.23-V4

3.9.2.23-V5

3.9.2.23-V6

3.9.5.81-v1

3.9.5.81-v10

3.9.5.81-v3

3.9.5.81-v4

3.9.5.81-v5

3.9.5.81-v6

3.9.5.81-v7

3.9.5.81-v8

3.9.5.81-v9

3.9.7.29-v1

3.9.8.25-v1

3.9.8.25-v2

3.95.81-v2

Other

tool

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-24822.json"