Vulnerability Details CVE-2026-35547
When processing the header of an incoming message, libnv failed to properly validate the message size.
The lack of validation allows a malicious program to write outside the bounds of a heap allocation. This can trigger a crash or system panic, and it may be possible for an unprivileged user to exploit the bug to elevate their privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 11.9%
CVSS Severity
CVSS v3 Score 8.1