CNNVD-202602-1052 Information

Feb 06, 2026 cve

CNNVD ID

CNNVD-202602-1052

CVE-2026-1998

CNNVD Published: 2026-02-06

Description (Chinese)

MicroPython是MicroPython开源的一个小型的开源Python编程语言解释器。 MicroPython 1.27.0及之前版本存在缓冲区错误漏洞，该漏洞源于对文件py/runtime.c中函数mp_import_all的错误操作，可能导致内存损坏。

Description (English)

MicroPython is a small open-source Python programming language interpreter for MicroPython open source. MicroPython 1.27.0 and previous versions had an error loophole in the buffer zone resulting from an error in the function py/runtime.c. mp import all, which could cause memory damage.

Hazard Level

Critical

Vulnerability Type

缓冲区错误

Affected Vendor

MicroPython

Published

2026-02-06

Last Modified

2026-02-24

References

https://github.com/dpgeorge/micropython/commit/570744d06c5ba9dba59b4c3f432ca4f0abd396b6 https://github.com/micropython/micropython/ https://github.com/micropython/micropython/issues/18639 https://github.com/micropython/micropython/issues/18639#issue-3780651410 https://github.com/micropython/micropython/pull/18671 https://vuldb.com/?ctiid.344546 https://vuldb.com/?id.344546 https://vuldb.com/?submit.743396

Share on: