CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-5476

A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFE_TBL_ValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfe_tbl_passthru_codec.c. The manipulation leads to integer overflow. The complexity of an attack is rather high. The exploitability is told to be difficult. A fix is planned for the upcoming version milestone of the project.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 10.0%

CVSS Severity

CVSS v3 Score 4.6

CVSS v2 Score 4.0

References

https://github.com/nasa/cFS/
https://github.com/nasa/cFS/issues/954
https://vuldb.com/submit/781971
https://vuldb.com/vuln/355080
https://vuldb.com/vuln/355080/cti

Products affected by CVE-2026-5476

Nasa » Core Flight System » Version: 6.6.0a

cpe:2.3:a:nasa:core_flight_system:6.6.0a
Nasa » Core Flight System » Version: 6.7.0

cpe:2.3:a:nasa:core_flight_system:6.7.0
Nasa » Core Flight System » Version: 6.7.0a

cpe:2.3:a:nasa:core_flight_system:6.7.0a
Nasa » Core Flight System » Version: 7.0.0

cpe:2.3:a:nasa:core_flight_system:7.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-5476

Products

Pricing

Contact Us