CVE-2026-38754 | Busybox 1.38.0 Shell shell/ash.c ifsbreakup heap-based overflow

SecurityVulns

A vulnerability classified as critical was found in Busybox 1.38.0. Impacted is the function ifsbreakup of the file shell/ash.c of the component Shell. The manipulation results in heap-based buffer overflow.

This vulnerability was named CVE-2026-38754. The attack may be performed from remote. There is no available exploit.VulDB Recent EntriesRead More