{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2026-30364", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-15T17:49:52.557Z", "dateReserved": "2026-03-04T00:00:00.000Z", "datePublished": "2026-04-15T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-15T14:27:19.234Z"}, "descriptions": [{"lang": "en", "value": "CentSDR commit e40795 was discovered to contain a stack overflow in the \"Thread1\" function."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/ttrftech/CentSDR/issues/15"}, {"url": "https://gist.github.com/k6dpvrmm8z-glitch/1687ad1d9fc1af696efa9f603c1006be"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-121", "lang": "en", "description": "CWE-121 Stack-based Buffer Overflow"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-15T17:49:27.367736Z", "id": "CVE-2026-30364", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-15T17:49:52.557Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-30364", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-15T17:49:27.367736Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-15T17:49:47.770Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://github.com/ttrftech/CentSDR/issues/15"}, {"url": "https://gist.github.com/k6dpvrmm8z-glitch/1687ad1d9fc1af696efa9f603c1006be"}], "descriptions": [{"lang": "en", "value": "CentSDR commit e40795 was discovered to contain a stack overflow in the \"Thread1\" function."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-15T14:27:19.234Z"}}}, "cveMetadata": {"cveId": "CVE-2026-30364", "state": "PUBLISHED", "dateUpdated": "2026-04-15T17:49:52.557Z", "dateReserved": "2026-03-04T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-04-15T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "CentSDR commit e40795 was discovered to contain a stack overflow in the \"Thread1\" function."}], "id": "CVE-2026-30364", "lastModified": "2026-04-17T15:09:46.880", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-04-15T15:16:41.427", "references": [{"source": "cve@mitre.org", "url": "https://gist.github.com/k6dpvrmm8z-glitch/1687ad1d9fc1af696efa9f603c1006be"}, {"source": "cve@mitre.org", "url": "https://github.com/ttrftech/CentSDR/issues/15"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-121"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "e40795"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "centsdr", "vendor": "ttrftech"}], "analysis": {"en": {"generated_at": "2026-04-15T22:27:17.853162+00:00", "value": {"mitigation_remediation": ["Apply the latest CentSDR release or patch that addresses the stack overflow if one is released by the project maintainers.", "Recompile the CentSDR source with compiler options that enable stack protection and bounds checking, such as \u2013fstack-protector-strong and \u2013D_FORTIFY_SOURCE=2, to mitigate the overflow until a formal fix is available.", "Limit the privileges of the user or process running CentSDR and monitor system logs for abnormal crashes or exploitation attempts."], "summary": {"action": "Assess Impact", "impact": "Potential Local Stack Overflow Leading to Exploitation"}, "threat_synthesis": {"affected_systems": "CentSDR installations that include commit e40795 are affected. No specific vendor or version information is supplied, so any instance of this software running the vulnerable code may be at risk.", "description_and_impact": "The vulnerability arises from a stack overflow detected in the Thread1 function of CentSDR, as identified within commit e40795. A stack overflow typically permits an attacker to overwrite adjacent memory locations, potentially leading to unpredictable program behavior, crashes, or, in some contexts, arbitrary code execution. The CVE data does not describe a confirmed exploitation vector or the privileges required to trigger the overflow, so the exact scope of impact remains uncertain, though local or privileged access could be sufficient if a malicious input is processed by the vulnerable function.", "risk_and_exploitability": "No EPSS or KEV metrics are available, but the CVSS score is 7.5, indicating a high level of severity. However, stack overflows are commonly considered high\u2011severity because they can corrupt execution flow. In the absence of explicit exploitation evidence, the likelihood of immediate attacks is uncertain but the potential for severe compromise exists if an attacker can supply crafted input or exploit the function during operation."}}}}, "created": "2026-04-15T21:02:37.284002+00:00", "title": "CentSDR Commit e40795 Stack Overflow in Thread1 Function", "updated": "2026-04-15T22:30:16.081369+00:00", "vendors": ["ttrftech", "ttrftech$PRODUCT$centsdr"]}