{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-24810", "assignerOrgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "state": "PUBLISHED", "assignerShortName": "GovTech CSG", "dateReserved": "2026-01-27T08:39:10.281Z", "datePublished": "2026-01-27T08:47:02.459Z", "dateUpdated": "2026-01-27T15:25:58.557Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://github.com/rethinkdb/rethinkdb", "defaultStatus": "affected", "modules": ["src/cjson"], "product": "rethinkdb", "programFiles": ["cJSON.cc"], "vendor": "rethinkdb", "versions": [{"lessThanOrEqual": "v2.4.4", "status": "affected", "version": "0", "versionType": "git"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "TITAN Team (titancaproject@gmail.com)"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in rethinkdb (src/cjson modules).<p> This vulnerability is associated with program files <tt>cJSON.Cc</tt>.</p><p>This issue affects rethinkdb: through v2.4.4.</p>"}], "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in rethinkdb (src/cjson modules). This vulnerability is associated with program files cJSON.Cc.\n\nThis issue affects rethinkdb: through v2.4.4."}], "metrics": [{"cvssV4_0": {"Automatable": "YES", "Recovery": "USER", "Safety": "NEGLIGIBLE", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 10, "baseSeverity": "CRITICAL", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "RED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:N/AU:Y/R:U/V:C/RE:M/U:Red", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "MODERATE"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "shortName": "GovTech CSG", "dateUpdated": "2026-01-27T08:47:02.459Z"}, "references": [{"tags": ["patch"], "url": "https://github.com/rethinkdb/rethinkdb/pull/7163"}], "source": {"discovery": "UNKNOWN"}, "title": "A buffer overflow in rethinkdb/rethinkdb", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-27T15:25:29.290424Z", "id": "CVE-2026-24810", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-27T15:25:58.557Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-24810", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-01-27T15:25:29.290424Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-27T15:25:51.787Z"}}], "cna": {"title": "A buffer overflow in rethinkdb/rethinkdb", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "reporter", "value": "TITAN Team (titancaproject@gmail.com)"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NEGLIGIBLE", "version": "4.0", "Recovery": "USER", "baseScore": 10, "Automatable": "YES", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:N/AU:Y/R:U/V:C/RE:M/U:Red", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "RED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "MODERATE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "rethinkdb", "modules": ["src/cjson"], "product": "rethinkdb", "versions": [{"status": "affected", "version": "0", "versionType": "git", "lessThanOrEqual": "v2.4.4"}], "programFiles": ["cJSON.cc"], "collectionURL": "https://github.com/rethinkdb/rethinkdb", "defaultStatus": "affected"}], "references": [{"url": "https://github.com/rethinkdb/rethinkdb/pull/7163", "tags": ["patch"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in rethinkdb (src/cjson modules). This vulnerability is associated with program files cJSON.Cc.\n\nThis issue affects rethinkdb: through v2.4.4.", "supportingMedia": [{"type": "text/html", "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in rethinkdb (src/cjson modules).<p> This vulnerability is associated with program files <tt>cJSON.Cc</tt>.</p><p>This issue affects rethinkdb: through v2.4.4.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "providerMetadata": {"orgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "shortName": "GovTech CSG", "dateUpdated": "2026-01-27T08:47:02.459Z"}}}, "cveMetadata": {"cveId": "CVE-2026-24810", "state": "PUBLISHED", "dateUpdated": "2026-01-27T15:25:58.557Z", "dateReserved": "2026-01-27T08:39:10.281Z", "assignerOrgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "datePublished": "2026-01-27T08:47:02.459Z", "assignerShortName": "GovTech CSG"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in rethinkdb (src/cjson modules). This vulnerability is associated with program files cJSON.Cc.\n\nThis issue affects rethinkdb: through v2.4.4."}, {"lang": "es", "value": "Vulnerabilidad de copia de b\u00fafer sin verificar el tama\u00f1o de la entrada ('Desbordamiento de b\u00fafer cl\u00e1sico') en rethinkdb (m\u00f3dulos src/cjson). Esta vulnerabilidad est\u00e1 asociada con los archivos de programa cJSON.Cc.\n\nEste problema afecta a rethinkdb: hasta la v2.4.4."}], "id": "CVE-2026-24810", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "YES", "Recovery": "USER", "Safety": "NEGLIGIBLE", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "RED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:C/RE:M/U:Red", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "MODERATE"}, "source": "cve_disclosure@tech.gov.sg", "type": "Secondary"}]}, "published": "2026-01-27T09:15:51.300", "references": [{"source": "cve_disclosure@tech.gov.sg", "url": "https://github.com/rethinkdb/rethinkdb/pull/7163"}], "sourceIdentifier": "cve_disclosure@tech.gov.sg", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "cve_disclosure@tech.gov.sg", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-18T14:54:45.600766+00:00", "value": {"mitigation_remediation": ["Upgrade to RethinkDB 2.4.5 or later, which contains a patch for the cJSON buffer overflow.", "If an upgrade cannot be applied immediately, restrict network access to the RethinkDB service by applying firewall rules that allow traffic only from trusted hosts.", "Monitor inbound traffic for unusually large JSON payloads and configure alerts for oversized requests, which may indicate exploitation attempts."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The vulnerability is present in all publicly released versions of RethinkDB up to and including 2.4.4. RethinkDB is an open\u2011source distributed database system that typically runs as a server process listening on network ports. Users who maintain a RethinkDB cluster must ensure they are not running any of the affected releases.", "description_and_impact": "A classic buffer overflow exists in the cJSON parsing component of RethinkDB. The flaw allows an attacker to supply an input payload larger than the destination buffer, causing an overwrite of adjacent memory. If successfully exploited, this could lead to arbitrary code execution under the privileges of the RethinkDB process, impacting confidentiality, integrity, and availability. The weakness is identified as CWE\u2011120.", "risk_and_exploitability": "The CVSS score of 10 marks it as critical, yet its EPSS of less than 1% suggests that exploit activity is very uncommon at present. It is not listed in the CISA KEV catalog, so there is no immediate evidence of active exploitation. Nonetheless, because the flaw can potentially enable remote code execution through malicious JSON payloads sent over the network, the attack vector is likely remote. Administrators should treat it as a high\u2011risk vulnerability that warrants prompt remediation."}}}}, "created": "2026-01-27T20:16:55.077237+00:00", "updated": "2026-04-18T15:00:03.448695+00:00", "vendors": ["rethinkdb", "rethinkdb$PRODUCT$rethinkdb"]}