CVE-2026-13573
ADVISORY - debianSummary
A vulnerability was found in llvm llvm-project up to 22.1.6. This affects the function llvm::StringMap::insert in the library /lib/IR/ValueSymbolTable.cpp of the component ValueSymbolTable Module. The manipulation results in stack-based buffer overflow. Attacking locally is a requirement. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.
- llvm-toolchain-22 (unimportant)
- llvm-toolchain-21 (unimportant)
- llvm-toolchain-19 (unimportant)
- llvm-toolchain-18 (unimportant) https://github.com/llvm/llvm-project/issues/199187 Crash in CLI tool, no security impact
Common Weakness Enumeration (CWE)
ADVISORY - redhat
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Debian
CREATED
UPDATED
ADVISORY IDCVE-2026-13573
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AlowUbuntu
CREATED
UPDATED
ADVISORY IDCVE-2026-13573
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AlowRed Hat
CREATED
UPDATED
ADVISORY IDCVE-2026-13573
EXPLOITABILITY SCORE
1.8
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)