CVE-2026-12216

Summary

A weakness has been identified in svaarala duktape up to 2.99.99. This issue affects some unknown processing of the file duk_api_bytecode.c. Executing a manipulation of the argument count_instr can lead to memory corruption. The attack requires local access. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Affected Software

VendorProductVersion RangeStatus
svaaraladuktape2.99.0affected
svaaraladuktape2.99.1affected
svaaraladuktape2.99.2affected
svaaraladuktape2.99.3affected
svaaraladuktape2.99.4affected
svaaraladuktape2.99.5affected
svaaraladuktape2.99.6affected
svaaraladuktape2.99.7affected
svaaraladuktape2.99.8affected
svaaraladuktape2.99.9affected
svaaraladuktape2.99.10affected
svaaraladuktape2.99.11affected
svaaraladuktape2.99.12affected
svaaraladuktape2.99.13affected
svaaraladuktape2.99.14affected
svaaraladuktape2.99.15affected
svaaraladuktape2.99.16affected
svaaraladuktape2.99.17affected
svaaraladuktape2.99.18affected
svaaraladuktape2.99.19affected
svaaraladuktape2.99.20affected
svaaraladuktape2.99.21affected
svaaraladuktape2.99.22affected
svaaraladuktape2.99.23affected
svaaraladuktape2.99.24affected
svaaraladuktape2.99.25affected
svaaraladuktape2.99.26affected
svaaraladuktape2.99.27affected
svaaraladuktape2.99.28affected
svaaraladuktape2.99.29affected
svaaraladuktape2.99.30affected
svaaraladuktape2.99.31affected
svaaraladuktape2.99.32affected
svaaraladuktape2.99.33affected
svaaraladuktape2.99.34affected
svaaraladuktape2.99.35affected
svaaraladuktape2.99.36affected
svaaraladuktape2.99.37affected
svaaraladuktape2.99.38affected
svaaraladuktape2.99.39affected
svaaraladuktape2.99.40affected
svaaraladuktape2.99.41affected
svaaraladuktape2.99.42affected
svaaraladuktape2.99.43affected
svaaraladuktape2.99.44affected
svaaraladuktape2.99.45affected
svaaraladuktape2.99.46affected
svaaraladuktape2.99.47affected
svaaraladuktape2.99.48affected
svaaraladuktape2.99.49affected
svaaraladuktape2.99.50affected
svaaraladuktape2.99.51affected
svaaraladuktape2.99.52affected
svaaraladuktape2.99.53affected
svaaraladuktape2.99.54affected
svaaraladuktape2.99.55affected
svaaraladuktape2.99.56affected
svaaraladuktape2.99.57affected
svaaraladuktape2.99.58affected
svaaraladuktape2.99.59affected
svaaraladuktape2.99.60affected
svaaraladuktape2.99.61affected
svaaraladuktape2.99.62affected
svaaraladuktape2.99.63affected
svaaraladuktape2.99.64affected
svaaraladuktape2.99.65affected
svaaraladuktape2.99.66affected
svaaraladuktape2.99.67affected
svaaraladuktape2.99.68affected
svaaraladuktape2.99.69affected
svaaraladuktape2.99.70affected
svaaraladuktape2.99.71affected
svaaraladuktape2.99.72affected
svaaraladuktape2.99.73affected
svaaraladuktape2.99.74affected
svaaraladuktape2.99.75affected
svaaraladuktape2.99.76affected
svaaraladuktape2.99.77affected
svaaraladuktape2.99.78affected
svaaraladuktape2.99.79affected
svaaraladuktape2.99.80affected
svaaraladuktape2.99.81affected
svaaraladuktape2.99.82affected
svaaraladuktape2.99.83affected
svaaraladuktape2.99.84affected
svaaraladuktape2.99.85affected
svaaraladuktape2.99.86affected
svaaraladuktape2.99.87affected
svaaraladuktape2.99.88affected
svaaraladuktape2.99.89affected
svaaraladuktape2.99.90affected
svaaraladuktape2.99.91affected
svaaraladuktape2.99.92affected
svaaraladuktape2.99.93affected
svaaraladuktape2.99.94affected
svaaraladuktape2.99.95affected
svaaraladuktape2.99.96affected
svaaraladuktape2.99.97affected
svaaraladuktape2.99.98affected
svaaraladuktape2.99.99affected

Weaknesses

  • CWE-119: Memory Corruption

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References