{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-24795", "assignerOrgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "state": "PUBLISHED", "assignerShortName": "GovTech CSG", "dateReserved": "2026-01-27T08:18:43.267Z", "datePublished": "2026-01-27T08:23:47.447Z", "dateUpdated": "2026-01-27T21:38:51.796Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://github.com/CloverHackyColor/CloverBootloader", "defaultStatus": "affected", "modules": ["MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma"], "product": "CloverBootloader", "programFiles": ["regcomp.c"], "vendor": "CloverHackyColor", "versions": [{"lessThan": "5162", "status": "affected", "version": "0", "versionType": "git"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "TITAN Team (titancaproject@gmail.com)"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Out-of-bounds Write vulnerability in CloverHackyColor CloverBootloader (MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma modules).<p> This vulnerability is associated with program files <tt>regcomp.C</tt>.</p><p>This issue affects CloverBootloader: before 5162.</p>"}], "value": "Out-of-bounds Write vulnerability in CloverHackyColor CloverBootloader (MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma modules). This vulnerability is associated with program files regcomp.C.\n\nThis issue affects CloverBootloader: before 5162."}], "metrics": [{"cvssV4_0": {"Automatable": "YES", "Recovery": "USER", "Safety": "NEGLIGIBLE", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 5.1, "baseSeverity": "MEDIUM", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "AMBER", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/S:N/AU:Y/R:U/V:C/RE:L/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "LOW"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "shortName": "GovTech CSG", "dateUpdated": "2026-01-27T08:23:47.447Z"}, "references": [{"tags": ["patch"], "url": "https://github.com/CloverHackyColor/CloverBootloader/pull/733"}], "source": {"discovery": "UNKNOWN"}, "title": "An Out-of-bounds Write in CloverHackyColor/CloverBootloader", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-27T21:09:45.000091Z", "id": "CVE-2026-24795", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-27T21:38:51.796Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-24795", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-27T21:09:45.000091Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-27T21:09:49.337Z"}}], "cna": {"title": "An Out-of-bounds Write in CloverHackyColor/CloverBootloader", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "reporter", "value": "TITAN Team (titancaproject@gmail.com)"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NEGLIGIBLE", "version": "4.0", "Recovery": "USER", "baseScore": 5.1, "Automatable": "YES", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/S:N/AU:Y/R:U/V:C/RE:L/U:Amber", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "AMBER", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "CloverHackyColor", "modules": ["MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma"], "product": "CloverBootloader", "versions": [{"status": "affected", "version": "0", "lessThan": "5162", "versionType": "git"}], "programFiles": ["regcomp.c"], "collectionURL": "https://github.com/CloverHackyColor/CloverBootloader", "defaultStatus": "affected"}], "references": [{"url": "https://github.com/CloverHackyColor/CloverBootloader/pull/733", "tags": ["patch"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Out-of-bounds Write vulnerability in CloverHackyColor CloverBootloader (MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma modules). This vulnerability is associated with program files regcomp.C.\n\nThis issue affects CloverBootloader: before 5162.", "supportingMedia": [{"type": "text/html", "value": "Out-of-bounds Write vulnerability in CloverHackyColor CloverBootloader (MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma modules).<p> This vulnerability is associated with program files <tt>regcomp.C</tt>.</p><p>This issue affects CloverBootloader: before 5162.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "shortName": "GovTech CSG", "dateUpdated": "2026-01-27T08:23:47.447Z"}}}, "cveMetadata": {"cveId": "CVE-2026-24795", "state": "PUBLISHED", "dateUpdated": "2026-01-27T21:38:51.796Z", "dateReserved": "2026-01-27T08:18:43.267Z", "assignerOrgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "datePublished": "2026-01-27T08:23:47.447Z", "assignerShortName": "GovTech CSG"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Out-of-bounds Write vulnerability in CloverHackyColor CloverBootloader (MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma modules). This vulnerability is associated with program files regcomp.C.\n\nThis issue affects CloverBootloader: before 5162."}, {"lang": "es", "value": "Vulnerabilidad de escritura fuera de l\u00edmites en CloverHackyColor CloverBootloader (m\u00f3dulos MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma). Esta vulnerabilidad est\u00e1 asociada con los archivos de programa regcomp.C.\n\nEste problema afecta a CloverBootloader: anterior a 5162."}], "id": "CVE-2026-24795", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "YES", "Recovery": "USER", "Safety": "NEGLIGIBLE", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "AMBER", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:C/RE:L/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "LOW"}, "source": "cve_disclosure@tech.gov.sg", "type": "Secondary"}]}, "published": "2026-01-27T09:15:49.233", "references": [{"source": "cve_disclosure@tech.gov.sg", "url": "https://github.com/CloverHackyColor/CloverBootloader/pull/733"}], "sourceIdentifier": "cve_disclosure@tech.gov.sg", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "cve_disclosure@tech.gov.sg", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-18T14:56:03.523799+00:00", "value": {"mitigation_remediation": ["Upgrade CloverBootloader to build 5162 or later to apply the out\u2011of\u2011bounds write fix.", "Verify that firmware images are signed and have not been tampered with before loading them onto the system.", "If an update is not immediately possible, restrict boot media to trusted, signed sources and disable booting from unverified external devices."], "summary": {"action": "Patch", "impact": "Memory corruption via out\u2011of\u2011bounds write"}, "threat_synthesis": {"affected_systems": "The issue exists in CloverHackyColor CloverBootloader releases before build 5162. Systems using those early builds remain vulnerable; builds from 5162 onward include the fix and are not affected.", "description_and_impact": "The vulnerability is an out\u2011of\u2011bounds write in the RegularExpressionDxe/Oniguruma modules of CloverBootloader, specifically within the regcomp.C runtime routine. The flaw can overwrite adjacent memory locations, potentially corrupting control data and causing the boot process to crash or behave unpredictably. The advisory does not state that code execution can be achieved, so any claim beyond memory corruption would be speculative.", "risk_and_exploitability": "The CVSS score is 5.1, indicating moderate severity, while the EPSS score is below 1%, showing a very low current exploitation probability. The vulnerability is not listed in the CISA KEV catalog. Exploitation would likely require delivering a crafted firmware image or modified bootloader to the system, representing a local or pre\u2011boot attack vector. Given the moderate severity and low likelihood of exploitation, administrators should prioritize applying the patch and monitor boot environments for abnormal activity."}}}}, "created": "2026-01-27T20:17:13.923315+00:00", "updated": "2026-04-18T15:00:03.451125+00:00", "vendors": ["cloverhackycolor", "cloverhackycolor$PRODUCT$cloverbootloader"]}