Denial of Service Vulnerability in lo48576 fbxcel Product
CVE-2026-15274
4.8MEDIUM
Key Information:
Badges
๐พ Exploit Exists๐ก Public PoC
What is CVE-2026-15274?
A vulnerability in the lo48576 fbxcel product, specifically in the Node Header Handler within the pull_parser component, can be exploited to cause a denial of service. The issue resides in the src/pull_parser/v7400/parser.rs file, where improper handling can lead to service interruptions. This exploit requires a local position to execute and has been made public. A fix is currently pending approval through a pull request.
Affected Version(s)
fbxcel 0.1
fbxcel 0.2
fbxcel 0.3
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Score:
4.8
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
- ๐ก
Public PoC available
- ๐พ
Exploit known to exist
Vulnerability published
Vulnerability Reserved
Credit
Zyz3366 (VulDB User)
VulDB CNA Team
