Vulnerability Details CVE-2026-2016
A security vulnerability has been detected in happyfish100 libfastcommon up to 1.0.84. Affected by this vulnerability is the function base64_decode of the file src/base64.c. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used. The identifier of the patch is 82f66af3e252e3e137dba0c3891570f085e79adf. Applying a patch is the recommended action to fix this issue.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 2.4%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 4.3
References
- https://github.com/happyfish100/libfastcommon/
- https://github.com/happyfish100/libfastcommon/commit/82f66af3e252e3e137dba0c3891570f085e79adf
- https://github.com/happyfish100/libfastcommon/issues/55
- https://github.com/happyfish100/libfastcommon/issues/55#issue-3836362577
- https://github.com/happyfish100/libfastcommon/issues/55#issuecomment-3776757848
- https://vuldb.com/?ctiid.344598
- https://vuldb.com/?id.344598
- https://vuldb.com/?submit.743873
Products affected by CVE-2026-2016
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.35
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.36
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.37
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.38
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.39
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.40
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.41
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.42
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.43
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.44
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.45
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.47
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.48
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.49
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.50
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.51
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.52
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.53
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.54
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.55
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.56
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.57
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.58
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.59
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.60
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.61
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.62
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.63
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.64
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.65
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.66
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.67
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.68
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.69
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.7
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.70
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.71
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.72
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.73
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.74
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.75
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.76
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.77
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.78
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.79
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.80
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.81
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.82
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.83
-
cpe:2.3:a:happyfish100:libfastcommon:1.0.84