{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-24798", "assignerOrgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "state": "PUBLISHED", "assignerShortName": "GovTech CSG", "dateReserved": "2026-01-27T08:18:43.268Z", "datePublished": "2026-01-27T08:27:10.291Z", "dateUpdated": "2026-01-27T21:38:23.168Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://github.com/GaijinEntertainment/DagorEngine", "defaultStatus": "affected", "modules": ["prog/3rdPartyLibs/miniupnpc"], "product": "DagorEngine", "programFiles": ["upnpreplyparse.c"], "vendor": "GaijinEntertainment", "versions": [{"lessThanOrEqual": "dagor_2025_01_15", "status": "affected", "version": "0", "versionType": "git"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "TITAN Team (titancaproject@gmail.com)"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GaijinEntertainment DagorEngine (prog/3rdPartyLibs/miniupnpc modules).<p> This vulnerability is associated with program files <tt>upnpreplyparse.C</tt>.</p><p>This issue affects DagorEngine: through dagor_2025_01_15.</p>"}], "value": "Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GaijinEntertainment DagorEngine (prog/3rdPartyLibs/miniupnpc modules). This vulnerability is associated with program files upnpreplyparse.C.\n\nThis issue affects DagorEngine: through dagor_2025_01_15."}], "metrics": [{"cvssV4_0": {"Automatable": "YES", "Recovery": "USER", "Safety": "PRESENT", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "AMBER", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H/S:P/AU:Y/R:U/V:C/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "MODERATE"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-119", "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "shortName": "GovTech CSG", "dateUpdated": "2026-01-27T08:27:10.291Z"}, "references": [{"tags": ["patch"], "url": "https://github.com/GaijinEntertainment/DagorEngine/pull/136"}], "source": {"discovery": "UNKNOWN"}, "title": "An Uninitialized stack variable vulnerability in GaijinEntertainment/DagorEngine", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-27T21:09:29.417713Z", "id": "CVE-2026-24798", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-27T21:38:23.168Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-24798", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-27T21:09:29.417713Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-27T21:09:32.514Z"}}], "cna": {"title": "An Uninitialized stack variable vulnerability in GaijinEntertainment/DagorEngine", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "reporter", "value": "TITAN Team (titancaproject@gmail.com)"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "PRESENT", "version": "4.0", "Recovery": "USER", "baseScore": 9.3, "Automatable": "YES", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H/S:P/AU:Y/R:U/V:C/RE:M/U:Amber", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "AMBER", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "GaijinEntertainment", "modules": ["prog/3rdPartyLibs/miniupnpc"], "product": "DagorEngine", "versions": [{"status": "affected", "version": "0", "versionType": "git", "lessThanOrEqual": "dagor_2025_01_15"}], "programFiles": ["upnpreplyparse.c"], "collectionURL": "https://github.com/GaijinEntertainment/DagorEngine", "defaultStatus": "affected"}], "references": [{"url": "https://github.com/GaijinEntertainment/DagorEngine/pull/136", "tags": ["patch"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GaijinEntertainment DagorEngine (prog/3rdPartyLibs/miniupnpc modules). This vulnerability is associated with program files upnpreplyparse.C.\n\nThis issue affects DagorEngine: through dagor_2025_01_15.", "supportingMedia": [{"type": "text/html", "value": "Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GaijinEntertainment DagorEngine (prog/3rdPartyLibs/miniupnpc modules).<p> This vulnerability is associated with program files <tt>upnpreplyparse.C</tt>.</p><p>This issue affects DagorEngine: through dagor_2025_01_15.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-119", "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer"}]}], "providerMetadata": {"orgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "shortName": "GovTech CSG", "dateUpdated": "2026-01-27T08:27:10.291Z"}}}, "cveMetadata": {"cveId": "CVE-2026-24798", "state": "PUBLISHED", "dateUpdated": "2026-01-27T21:38:23.168Z", "dateReserved": "2026-01-27T08:18:43.268Z", "assignerOrgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "datePublished": "2026-01-27T08:27:10.291Z", "assignerShortName": "GovTech CSG"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GaijinEntertainment DagorEngine (prog/3rdPartyLibs/miniupnpc modules). This vulnerability is associated with program files upnpreplyparse.C.\n\nThis issue affects DagorEngine: through dagor_2025_01_15."}, {"lang": "es", "value": "Vulnerabilidad de Restricci\u00f3n Inadecuada de Operaciones dentro de los L\u00edmites de un B\u00fafer de Memoria en GaijinEntertainment DagorEngine (m\u00f3dulos prog/3rdPartyLibs/miniupnpc). Esta vulnerabilidad est\u00e1 asociada con los archivos de programa upnpreplyparse.C.\n\nEste problema afecta a DagorEngine: hasta dagor_2025_01_15."}], "id": "CVE-2026-24798", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "YES", "Recovery": "USER", "Safety": "PRESENT", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "AMBER", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:Y/R:U/V:C/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "MODERATE"}, "source": "cve_disclosure@tech.gov.sg", "type": "Secondary"}]}, "published": "2026-01-27T09:15:49.643", "references": [{"source": "cve_disclosure@tech.gov.sg", "url": "https://github.com/GaijinEntertainment/DagorEngine/pull/136"}], "sourceIdentifier": "cve_disclosure@tech.gov.sg", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "cve_disclosure@tech.gov.sg", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-18T14:55:52.638445+00:00", "value": {"mitigation_remediation": ["Update DagorEngine to a version released after dagor_2025_01_15 that incorporates the patch from the GitHub pull request referenced in the advisory.", "If an immediate upgrade is not possible, apply the patch manually by retrieving the changes from the PR https://github.com/GaijinEntertainment/DagorEngine/pull/136 and rebuilding the engine.", "Disable the UPnP functionality in DagorEngine or block network traffic on the UPnP port used by the engine to eliminate exposure to the vulnerable module."], "summary": {"action": "Apply Patch", "impact": "Memory corruption leading to remote code execution"}, "threat_synthesis": {"affected_systems": "GaijinEntertainment DagorEngine is impacted from the base dagor_2025_01_15 release onward. The affected code resides in the 3rdPartyLibs/miniupnpc component, and versions up to and including dagor_2025_01_15 are vulnerable. No additional product or version information is provided. ", "description_and_impact": "The vulnerability is an uninitialized stack variable in the miniupnpc module of DagorEngine, specifically within upnpreplyparse.C. The improper restriction of operations within the bounds of a memory buffer allows an attacker to write arbitrary data beyond the intended buffer. This buffer overflow can overwrite critical data, potentially enabling remote code execution, privilege escalation, or denial\u2011of\u2011service conditions if exploited successfully.", "risk_and_exploitability": "The CVSS score of 9.3 classifies this flaw as critical, while the EPSS score of less than 1% indicates a very low current exploitation probability. The vulnerability is not listed in the CISA KEV catalog. Because the flaw resides in a network\u2011exposed UPnP module, the likely attack vector is remote over the network, requiring an attacker to send crafted UPnP replies to the vulnerable engine. The description does not state an authentication requirement, so it is inferred that an unauthenticated network attacker could trigger the overflow."}}}}, "created": "2026-01-27T20:17:02.475695+00:00", "updated": "2026-04-18T15:00:03.450419+00:00", "vendors": ["gaijinentertainment", "gaijinentertainment$PRODUCT$dagorengine"]}