CVE-2026-24829
Unknown
Unknown - Not Provided
Heap-Based Buffer Overflow in is-Engine Before
Vulnerability report for CVE-2026-24829, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-01-27
Last updated on: 2026-01-27
Assigner: Government Technology Agency of Singapore Cyber Security Group (GovTech CSG)
Description
Description
Out-of-bounds Write, Heap-based Buffer Overflow vulnerability in Is-Daouda is-Engine.This issue affects is-Engine: before 3.3.4.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| is-daouda | is-engine | to 3.3.4 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-122 | A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). |
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |