{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-3994", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-03-11T16:55:36.872Z", "datePublished": "2026-03-12T06:02:11.026Z", "dateUpdated": "2026-03-12T14:25:44.421Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-12T06:02:11.026Z"}, "title": "rui314 mold Object File input-files.cc initialize_sections heap-based overflow", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-122", "lang": "en", "description": "Heap-based Buffer Overflow"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-119", "lang": "en", "description": "Memory Corruption"}]}], "affected": [{"vendor": "rui314", "product": "mold", "versions": [{"version": "2.40.0", "status": "affected"}, {"version": "2.40.1", "status": "affected"}, {"version": "2.40.2", "status": "affected"}, {"version": "2.40.3", "status": "affected"}, {"version": "2.40.4", "status": "affected"}], "modules": ["Object File Handler"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in rui314 mold up to 2.40.4. This issue affects the function mold::ObjectFilemold::X86_64::initialize_sections of the file src/input-files.cc of the component Object File Handler. Performing a manipulation results in heap-based buffer overflow. Attacking locally is a requirement. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-03-11T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-03-11T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-03-11T18:00:42.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Oneafter (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.350476", "name": "VDB-350476 | rui314 mold Object File input-files.cc initialize_sections heap-based overflow", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.350476", "name": "VDB-350476 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.769772", "name": "Submit #769772 | rui314 mold mold 2.40.4 and main-branch Heap-based Buffer Overflow", "tags": ["third-party-advisory"]}, {"url": "https://github.com/rui314/mold/issues/1548", "tags": ["issue-tracking"]}, {"url": "https://github.com/oneafter/0209/blob/main/mo2/repro", "tags": ["exploit"]}, {"url": "https://github.com/rui314/mold/", "tags": ["product"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-12T14:25:27.421403Z", "id": "CVE-2026-3994", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-12T14:25:44.421Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-3994", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-12T14:25:27.421403Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-12T14:25:39.451Z"}}], "cna": {"title": "rui314 mold Object File input-files.cc initialize_sections heap-based overflow", "credits": [{"lang": "en", "type": "reporter", "value": "Oneafter (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "rui314", "modules": ["Object File Handler"], "product": "mold", "versions": [{"status": "affected", "version": "2.40.0"}, {"status": "affected", "version": "2.40.1"}, {"status": "affected", "version": "2.40.2"}, {"status": "affected", "version": "2.40.3"}, {"status": "affected", "version": "2.40.4"}]}], "timeline": [{"lang": "en", "time": "2026-03-11T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-03-11T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-03-11T18:00:42.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.350476", "name": "VDB-350476 | rui314 mold Object File input-files.cc initialize_sections heap-based overflow", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.350476", "name": "VDB-350476 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.769772", "name": "Submit #769772 | rui314 mold mold 2.40.4 and main-branch Heap-based Buffer Overflow", "tags": ["third-party-advisory"]}, {"url": "https://github.com/rui314/mold/issues/1548", "tags": ["issue-tracking"]}, {"url": "https://github.com/oneafter/0209/blob/main/mo2/repro", "tags": ["exploit"]}, {"url": "https://github.com/rui314/mold/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in rui314 mold up to 2.40.4. This issue affects the function mold::ObjectFilemold::X86_64::initialize_sections of the file src/input-files.cc of the component Object File Handler. Performing a manipulation results in heap-based buffer overflow. Attacking locally is a requirement. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-122", "description": "Heap-based Buffer Overflow"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-119", "description": "Memory Corruption"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-12T06:02:11.026Z"}}}, "cveMetadata": {"cveId": "CVE-2026-3994", "state": "PUBLISHED", "dateUpdated": "2026-03-12T14:25:44.421Z", "dateReserved": "2026-03-11T16:55:36.872Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-03-12T06:02:11.026Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in rui314 mold up to 2.40.4. This issue affects the function mold::ObjectFilemold::X86_64::initialize_sections of the file src/input-files.cc of the component Object File Handler. Performing a manipulation results in heap-based buffer overflow. Attacking locally is a requirement. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet."}, {"lang": "es", "value": "Una vulnerabilidad fue detectada en rui314 mold hasta la versi\u00f3n 2.40.4. Este problema afecta la funci\u00f3n mold::ObjectFilemold::X86_64::initialize_sections del archivo src/input-files.cc del componente Gestor de Archivos de Objeto. Realizar una manipulaci\u00f3n resulta en un desbordamiento de b\u00fafer basado en mont\u00edculo. Atacar localmente es un requisito. El exploit ahora es p\u00fablico y puede ser utilizado. El proyecto fue informado del problema tempranamente a trav\u00e9s de un informe de problema, pero a\u00fan no ha respondido."}], "id": "CVE-2026-3994", "lastModified": "2026-04-29T01:00:01.613", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.1, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 1.9, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-03-12T06:16:32.167", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/oneafter/0209/blob/main/mo2/repro"}, {"source": "cna@vuldb.com", "url": "https://github.com/rui314/mold/"}, {"source": "cna@vuldb.com", "url": "https://github.com/rui314/mold/issues/1548"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.350476"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.350476"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.769772"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}, {"lang": "en", "value": "CWE-122"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "2.40.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "2.40.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "2.40.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "2.40.3"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "2.40.4"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "mold", "source": "cna", "vendor": "rui314"}, "product": "mold", "vendor": "rui314"}], "analysis": {"en": {"generated_at": "2026-03-18T16:06:05.128386+00:00", "value": {"mitigation_remediation": ["Verify your current mold version to determine whether it is 2.40.4 or earlier.", "If a vulnerable version is in use, restrict mold to trusted input files and run it inside a sandbox or container to contain possible memory corruption.", "Monitor system logs and application behavior for crashes or abnormal memory usage that could indicate exploitation of this heap overflow.", "Check the mold project's release notes or official advisories for a patch or update; apply any available fix as soon as it is released."], "summary": {"action": "Monitor", "impact": "Heap-based Buffer Overflow"}, "threat_synthesis": {"affected_systems": "The vulnerability affects all releases of rui314 mold up to and including version 2.40.4. No later versions are listed as vulnerable in the provided information, and the description states that the issue exists in these earlier releases.", "description_and_impact": "The described vulnerability is a heap-based buffer overflow in the function mold::ObjectFilemold::X86_64::initialize_sections located in src/input-files.cc of the mold compiler. It is triggered when an attacker manipulates input files, leading to memory corruption and potential program instability. The weakness is identified as CWE-119 and CWE-122 and can cause mold to crash or exhibit unintended memory writes.", "risk_and_exploitability": "The CVSS score is 4.8, indicating medium severity, while the EPSS score is below 1\u202f%, pointing to a low probability of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires local access, as noted in the description, and a public exploit has been demonstrated that triggers the overflow via crafted input files."}}}}, "created": "2026-03-13T09:53:28.074595+00:00", "updated": "2026-03-20T15:35:57.443928+00:00", "vendors": ["rui314", "rui314$PRODUCT$mold"]}