CVE-2026-5475

EUVD-2026-18813
A vulnerability was determined in NASA cFS up to 7.0.0. This impacts the function CFE_SB_TransmitMsg of the file cfe_sb_priv.c of the component CCSDS Header Size Handler. Executing a manipulation can lead to memory corruption. The project was informed of the problem early through an issue report but has not responded yet.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
ADJACENT_NETWORK
LOW
LOW
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 11%
Affected Products (NVD)
VendorProductVersion
nasacore_flight_system
𝑥
≤ 7.0.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/nasa/cFS/
https://github.com/nasa/cFS/issues/953
https://vuldb.com/submit/781951
https://vuldb.com/vuln/355079
https://vuldb.com/vuln/355079/cti