CVE-2026-38755
15.07.2026, 22:16
A heap overflow in the evalcommand() function (shell/ash.c) of Busybox v1.38.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted input.Enginsight
Awaiting analysis
This vulnerability is currently awaiting analysis.