CVE-2026-3390 | FascinatedBox lily up to 2.3 Error Reporting src/lily_build_error.c patch_line_end out-of-bounds (Issue 382)

A vulnerability marked as problematic has been reported in FascinatedBox lily up to 2.3. This issue affects the function patch_line_end of the file src/lily_build_error.c of the component Error Reporting. The manipulation leads to out-of-bounds read.

This vulnerability is referenced as CVE-2026-3390. The attack can only be performed from a local environment. Furthermore, an exploit is available.

The project was informed of the problem early through an issue report but has not responded yet.VulDB Recent EntriesRead More