CNNVD-202602-2274 Information

Feb 13, 2026 cve

CNNVD ID

CNNVD-202602-2274

CVE-2026-21870

  • CNNVD Published: 2026-02-13

Description (Chinese)

BACnet Protocol Stack是一个适用于多种平台的,用于提供BACnet应用层、网络层和媒体访问(MAC)层通信服务的库。 BACnet Protocol Stack 1.4.2版本、1.5.0.rc2版本及之前版本存在安全漏洞,该漏洞源于ubasic解释器中存在差一栈缓冲区溢出,可能导致处理超长字符串字面量时崩溃。

Description (English)

BACnet Protocol Stack is a repository for BACnet application, network and media access (MAC)-level communication services that is applicable to multiple platforms. There is a security loophole in the BACnet Protocol Stack 1.4.2, 1.5.0.rc2 and earlier versions, which stems from the spilling of a barrage of buffers in the balsic interpreter, which could lead to a collapse in the processing of a very long string.

Vulnerability Type

其他

Affected Vendor

BACnet Stack

Published

2026-02-13

Last Modified

2026-02-24

References

https://github.com/bacnet-stack/bacnet-stack/commit/4e1176394a5ae50d2fd0b5790d9bff806dc08465 https://github.com/bacnet-stack/bacnet-stack/pull/1196 https://github.com/bacnet-stack/bacnet-stack/security/advisories/GHSA-pc83-wp6w-93mx

Patch

https://github.com/bacnet-stack/bacnet-stack/tags

Share on: