CVE-2026-6069

Description

NASM’s disasm() function contains a stack based buffer overflow when formatting disassembly output, allowing an attacker triggered out-of-bounds write when `slen` exceeds the buffer capacity.

PUBLISHED Reserved 2026-04-10 | Published 2026-04-10 | Updated 2026-04-10 | Assigner certcc

Problem types

CWE-121: Stack-based Buffer Overflow

Product status

References

github.com/netwide-assembler/nasm/issues/217

cve.org (CVE-2026-6069)

nvd.nist.gov (CVE-2026-6069)

Download JSON