CVE-2026-12192
Received Received - Intake
Buffer Overflow in GALAYOU Y4 Web Server

Publication date: 2026-06-15

Last updated on: 2026-06-15

Assigner: VulDB

Description
A vulnerability was determined in GALAYOU Y4 1.0.0. Impacted is an unknown function of the component Web Server. This manipulation causes buffer overflow. The attack is only possible within the local network. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-15
Last Modified
2026-06-15
Generated
2026-06-15
AI Q&A
2026-06-15
EPSS Evaluated
N/A
NVD
CVE-2026-12192
EUVD
EUVD-2026-36671
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
galayou y4 1.0.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-119 The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-120 The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the GALAYOU Y4 1.0.0 Web Server component. It is caused by a buffer overflow due to manipulation of an unknown function within the web server. The attack can only be performed from within the local network.

The vulnerability has been publicly disclosed and the vendor did not respond to early contact attempts regarding this issue.

Impact Analysis

Exploitation of this vulnerability can lead to a buffer overflow, which may allow an attacker within the local network to compromise the affected system.

The CVSS scores indicate a high severity impact, with potential consequences including complete confidentiality, integrity, and availability loss of the affected system.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-12192. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart