{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-2653", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-02-18T06:30:08.519Z", "datePublished": "2026-02-18T11:02:07.838Z", "dateUpdated": "2026-02-23T10:17:19.908Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-02-23T10:17:19.908Z"}, "title": "admesh normals.c stl_check_normal_vector heap-based overflow", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-122", "lang": "en", "description": "Heap-based Buffer Overflow"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-119", "lang": "en", "description": "Memory Corruption"}]}], "affected": [{"vendor": "n/a", "product": "admesh", "versions": [{"version": "0.98.0", "status": "affected"}, {"version": "0.98.1", "status": "affected"}, {"version": "0.98.2", "status": "affected"}, {"version": "0.98.3", "status": "affected"}, {"version": "0.98.4", "status": "affected"}, {"version": "0.98.5", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A security flaw has been discovered in admesh up to 0.98.5. This issue affects the function stl_check_normal_vector of the file src/normals.c. Performing a manipulation results in heap-based buffer overflow. The attack must be initiated from a local position. The exploit has been released to the public and may be used for attacks. It looks like this product is not really maintained anymore."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:C"}}], "timeline": [{"time": "2026-02-18T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-02-18T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-02-21T17:40:35.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "LionTree (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.346450", "name": "VDB-346450 | admesh normals.c stl_check_normal_vector heap-based overflow", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.346450", "name": "VDB-346450 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.752596", "name": "Submit #752596 | Debian admesh <=0.98.5 Heap-based Buffer Overflow", "tags": ["third-party-advisory"]}, {"url": "https://github.com/admesh/admesh/issues/65", "tags": ["issue-tracking"]}, {"url": "https://github.com/admesh/admesh/issues/65#issuecomment-3804571402", "tags": ["issue-tracking"]}, {"url": "https://github.com/user-attachments/files/24878279/id.000035.sig.06.src.000550.time.910126.execs.241742.op.havoc.rep.5.zip", "tags": ["exploit"]}, {"url": "https://github.com/admesh/admesh/", "tags": ["product"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-18T20:27:31.316499Z", "id": "CVE-2026-2653", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-18T20:27:38.323Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-2653", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-18T20:27:31.316499Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-18T20:27:35.700Z"}}], "cna": {"title": "admesh normals.c stl_check_normal_vector heap-based overflow", "credits": [{"lang": "en", "type": "reporter", "value": "LionTree (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:C"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:C"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:C"}}], "affected": [{"vendor": "n/a", "product": "admesh", "versions": [{"status": "affected", "version": "0.98.0"}, {"status": "affected", "version": "0.98.1"}, {"status": "affected", "version": "0.98.2"}, {"status": "affected", "version": "0.98.3"}, {"status": "affected", "version": "0.98.4"}, {"status": "affected", "version": "0.98.5"}]}], "timeline": [{"lang": "en", "time": "2026-02-18T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-02-18T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-02-21T17:40:35.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.346450", "name": "VDB-346450 | admesh normals.c stl_check_normal_vector heap-based overflow", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.346450", "name": "VDB-346450 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.752596", "name": "Submit #752596 | Debian admesh <=0.98.5 Heap-based Buffer Overflow", "tags": ["third-party-advisory"]}, {"url": "https://github.com/admesh/admesh/issues/65", "tags": ["issue-tracking"]}, {"url": "https://github.com/admesh/admesh/issues/65#issuecomment-3804571402", "tags": ["issue-tracking"]}, {"url": "https://github.com/user-attachments/files/24878279/id.000035.sig.06.src.000550.time.910126.execs.241742.op.havoc.rep.5.zip", "tags": ["exploit"]}, {"url": "https://github.com/admesh/admesh/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A security flaw has been discovered in admesh up to 0.98.5. This issue affects the function stl_check_normal_vector of the file src/normals.c. Performing a manipulation results in heap-based buffer overflow. The attack must be initiated from a local position. The exploit has been released to the public and may be used for attacks. It looks like this product is not really maintained anymore."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-122", "description": "Heap-based Buffer Overflow"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-119", "description": "Memory Corruption"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-02-23T10:17:19.908Z"}}}, "cveMetadata": {"cveId": "CVE-2026-2653", "state": "PUBLISHED", "dateUpdated": "2026-02-23T10:17:19.908Z", "dateReserved": "2026-02-18T06:30:08.519Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-02-18T11:02:07.838Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:admesh_project:admesh:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D1F9409-94C8-44BC-8492-50A3C015D3AF", "versionEndIncluding": "0.98.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A security flaw has been discovered in admesh up to 0.98.5. This issue affects the function stl_check_normal_vector of the file src/normals.c. Performing a manipulation results in heap-based buffer overflow. The attack must be initiated from a local position. The exploit has been released to the public and may be used for attacks. It looks like this product is not really maintained anymore."}, {"lang": "es", "value": "Una falla de seguridad ha sido descubierta en admesh hasta 0.98.5. Este problema afecta a la funci\u00f3n stl_check_normal_vector del archivo src/normals.c. Realizar una manipulaci\u00f3n resulta en desbordamiento de b\u00fafer basado en mont\u00edculo. El ataque debe ser iniciado desde una posici\u00f3n local. El exploit ha sido liberado al p\u00fablico y puede ser utilizado para ataques. Parece que este producto ya no se mantiene realmente."}], "id": "CVE-2026-2653", "lastModified": "2026-04-29T01:00:01.613", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.1, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 1.9, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-02-18T11:16:32.770", "references": [{"source": "cna@vuldb.com", "tags": ["Product"], "url": "https://github.com/admesh/admesh/"}, {"source": "cna@vuldb.com", "tags": ["Issue Tracking"], "url": "https://github.com/admesh/admesh/issues/65"}, {"source": "cna@vuldb.com", "tags": ["Issue Tracking"], "url": "https://github.com/admesh/admesh/issues/65#issuecomment-3804571402"}, {"source": "cna@vuldb.com", "tags": ["Exploit"], "url": "https://github.com/user-attachments/files/24878279/id.000035.sig.06.src.000550.time.910126.execs.241742.op.havoc.rep.5.zip"}, {"source": "cna@vuldb.com", "tags": ["Permissions Required", "VDB Entry"], "url": "https://vuldb.com/?ctiid.346450"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?id.346450"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?submit.752596"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}, {"lang": "en", "value": "CWE-122"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.98.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.98.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.98.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.98.3"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.98.4"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.98.5"}}], "enrichment": {"confidence": 75.0, "confidence_source": "inferred", "scores": [{"score": 75.0, "source": "inferred"}]}, "original": {"product": "admesh", "source": "cna", "vendor": "n/a"}, "product": "admesh", "vendor": "admesh"}], "analysis": {"en": {"generated_at": "2026-04-17T18:46:35.919017+00:00", "value": {"mitigation_remediation": ["Upgrade ADMesh to the most recent release if an update that fixes the overflow is available; if the project is no longer maintained, migrate to an actively supported slicing tool such as Cura or Slic3r.", "Restrict the user accounts that can load or manipulate STL files, and validate or sanitize input files before passing them to ADMesh to reduce the chance of malformed data triggering the overflow.", "Follow the community\u2019s suggested workarounds from issue #65 on GitHub, applying any available patches or code changes that mitigate the overflow until a formal release is issued."], "summary": {"action": "Assess Impact", "impact": "Heap\u2011based buffer overflow enabling local memory corruption"}, "threat_synthesis": {"affected_systems": "The affected product is ADMesh by the admesh_project, versions up to 0.98.5. No downstream versions are listed, and the project appears to be unmaintained. Users of older releases that still process STL files from untrusted sources are at risk.", "description_and_impact": "A heap\u2011based buffer overflow exists in the stl_check_normal_vector function within ADMesh\u2019s normals.c module. An attacker who can supply a crafted STL file while the program is running may overflow a memory buffer on the heap, potentially causing a crash or execution of malicious code. The flaw is triggered by local manipulation of input data and is not remotely exploitable. The underlying weaknesses correspond to CWE\u2011119 and CWE\u2011122, indicating improper bounds checking and buffer over\u2011run issues.", "risk_and_exploitability": "The CVSS base score is 4.8, reflecting a moderate severity for a local exploit. The EPSS indicates a very low but nonzero probability of exploitation (<1%), and the vulnerability is not listed in CISA\u2019s KEV catalog. Because the code must be executed locally, a privileged or locally\u2011logged user could exploit the flaw, but remote attackers would be unable to trigger it unless they can run the software. Publicly available proof\u2011of\u2011concept exploits suggest that the risk is real for environments that permit local execution of untrusted STL files."}}}}, "created": "2026-02-19T10:20:20.912601+00:00", "updated": "2026-04-17T19:00:10.998846+00:00", "vendors": ["admesh", "admesh$PRODUCT$admesh"]}