Vulnerability Description
A security flaw has been discovered in admesh up to 0.98.5. This issue affects the function stl_check_normal_vector of the file src/normals.c. Performing a manipulation results in heap-based buffer overflow. The attack must be initiated from a local position. The exploit has been released to the public and may be used for attacks. It looks like this product is not really maintained anymore.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Admesh Project | Admesh | <= 0.98.5 |
Related Weaknesses (CWE)
References
- https://github.com/admesh/admesh/Product
- https://github.com/admesh/admesh/issues/65Issue Tracking
- https://github.com/admesh/admesh/issues/65#issuecomment-3804571402Issue Tracking
- https://github.com/user-attachments/files/24878279/id.000035.sig.06.src.000550.tExploit
- https://vuldb.com/?ctiid.346450Permissions RequiredVDB Entry
- https://vuldb.com/?id.346450Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.752596Third Party AdvisoryVDB Entry
FAQ
What is CVE-2026-2653?
CVE-2026-2653 is a vulnerability with a CVSS score of 5.3 (MEDIUM). A security flaw has been discovered in admesh up to 0.98.5. This issue affects the function stl_check_normal_vector of the file src/normals.c. Performing a manipulation results in heap-based buffer ov...
How severe is CVE-2026-2653?
CVE-2026-2653 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-2653?
Check the references section above for vendor advisories and patch information. Affected products include: Admesh Project Admesh.