CVE-2026-2258
Undergoing Analysis Undergoing Analysis - In Progress
Memory Corruption in Aardappel Lobster WaveFunctionCollapse Function

Publication date: 2026-02-10

Last updated on: 2026-04-29

Assigner: VulDB

Description
A flaw has been found in aardappel lobster up to 2025.4. Affected by this vulnerability is the function WaveFunctionCollapse in the library dev/src/lobster/wfc.h. Executing a manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been published and may be used. This patch is called c2047a33e1ac2c42ab7e8704b33f7ea518a11ffd. It is advisable to implement a patch to correct this issue.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-10
Last Modified
2026-04-29
Generated
2026-05-07
AI Q&A
2026-02-10
EPSS Evaluated
2026-05-05
NVD
CVE-2026-2258
EUVD
EUVD-2026-6469
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
strlen lobster to 2025.4 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-119 The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a flaw found in the aardappel lobster software up to version 2025.4, specifically in the WaveFunctionCollapse function within the dev/src/lobster/wfc.h library. It allows an attacker to perform a local manipulation that can lead to memory corruption.

The exploit for this vulnerability has been published, meaning it is publicly known and can be used by attackers. A patch identified as c2047a33e1ac2c42ab7e8704b33f7ea518a11ffd is available to fix this issue.


How can this vulnerability impact me? :

This vulnerability can lead to memory corruption if exploited locally. Memory corruption can cause the affected software to behave unpredictably, potentially leading to crashes or other unintended behavior.

However, the vulnerability requires local access to be exploited, which limits the attack surface. The CVSS scores indicate a low to moderate impact, with no confidentiality or integrity loss, but some impact on availability.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

I don't know


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, it is advisable to implement the patch identified as c2047a33e1ac2c42ab7e8704b33f7ea518a11ffd which corrects the issue in the WaveFunctionCollapse function of the aardappel lobster library.

Since the attack can only be executed locally, limiting local access to trusted users and systems can also help reduce risk.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart