Home / Vulnerability Intelligence / CVE-2026-37536

CVE-2026-37536 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: May 1, 2026

miaofng/uds-c - Buffer Overflow

Published: May 1, 2026Updated: May 1, 2026

Overview

miaofng/uds-c contains a stack buffer overflow caused by lack of bounds check on payload_length in send_diagnostic_request, letting attackers cause memory corruption via crafted payload, exploit requires crafted input.

Severity & Score

Severity: High

CVSS Score: 8.8

Impact

Attackers can cause memory corruption leading to potential code execution or application crash.

Mitigation

Update to the latest version with bounds checking on payload_length in send_diagnostic_request.

References

https://gist.github.com/sgInnora/f4ac66faeefe07a653ceeb3f58cdc381
https://github.com/miaofng/uds-c
https://github.com/openxc/uds-c

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-37536
Severity: High
CVSS Score: 8.8
Type: buffer_overflow
Status: new

CVSS Metrics

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H