CVE-2026-49760

June 10, 2026, 4:17 p.m.

6.9
Medium

Description

Stack-based Buffer Overflow vulnerability in Erlang OTP (erl_interface) allows Stack-based Buffer Overflow. This vulnerability is associated with program file lib/erl_interface/src/misc/ei_printterm.c and program routine ei_s_print_term. The C function ei_s_print_term uses an internal 2000-character stack buffer to format terms. When called with an encoded Erlang term containing a very large integer (encoded representation exceeding 2000 characters), the buffer overflows. The overflow bytes are restricted to the ASCII values of 0-9 and A-F, which limits exploitation to Denial of Service. The companion function ei_print_term, which prints directly to a FILE instead of a memory buffer, does not contain this bug. This issue affects OTP from OTP 17.0 before 27.3.4.13, 28.5.0.2 and 29.0.2, corresponding to erl_interface from 3.7.16 before 5.5.2.1, 5.7.0.1 and 5.8.1.

Product(s) Impacted

Vendor Product Versions
Erlang
  • Otp
  • Erl Interface
  • <17.0-27.3.4.13, 28.5.0.2, 29.0.2
  • <3.7.16-5.5.2.1, 5.7.0.1, 5.8.1

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-121
Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a erlang otp <17.0-27.3.4.13 / / / / / / /
a erlang otp 28.5.0.2 / / / / / / /
a erlang otp 29.0.2 / / / / / / /
a erlang erl_interface <3.7.16-5.5.2.1 / / / / / / /
a erlang erl_interface 5.7.0.1 / / / / / / /
a erlang erl_interface 5.8.1 / / / / / / /

References

https://cna.erlef.org/cves/CVE-2026-49760.html
https://github.com/erlang/otp/commit/0bef277b2d39dc8babb9ceb4f5d0a456f3007111
https://github.com/erlang/otp/security/advisories/GHSA-xcxj-5pg2-v72j
https://osv.dev/vulnerability/EEF-CVE-2026-49760
https://www.erlang.org/doc/system/versions.html#order-of-versions

Tags

CWE-121
6b3ad84c-e1a6-4bf7-a703-f496b71e49db
2026-06-10
CVE-2026-49760

CVSS Score

6.9 / 10

CVSS Data - 4.0

  • Attack Vector: LOCAL
  • Attack Complexity: LOW
  • Attack Requirements: NONE
  • Privileges Required: NONE
  • User Interaction: NONE
  • Scope:
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: HIGH
  • Exploit Maturity: NOT_DEFINED

    • CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

    View Vector String

Timeline

Published: June 10, 2026, 4:17 p.m.
Last Modified: June 10, 2026, 4:17 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

6b3ad84c-e1a6-4bf7-a703-f496b71e49db

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.