Denial of Service Vulnerability in lo48576 fbxcel Product
CVE-2026-15274

4.8MEDIUM

Key Information:

Vendor

Lo48576

Status
Vendor
CVE Published:
9 July 2026

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC

What is CVE-2026-15274?

A vulnerability in the lo48576 fbxcel product, specifically in the Node Header Handler within the pull_parser component, can be exploited to cause a denial of service. The issue resides in the src/pull_parser/v7400/parser.rs file, where improper handling can lead to service interruptions. This exploit requires a local position to execute and has been made public. A fix is currently pending approval through a pull request.

Affected Version(s)

fbxcel 0.1

fbxcel 0.2

fbxcel 0.3

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

References

CVSS V4

Score:
4.8
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

Zyz3366 (VulDB User)
VulDB CNA Team
.