CVE-2026-40489 | editorconfig editorconfig-core-c up to 0.12.10 EditorConfig Parser ec_glob stack-based overflow (GHSA-97xg-vrcq-254h)

A vulnerability was found in editorconfig editorconfig-core-c up to 0.12.10. It has been declared as critical. Affected by this vulnerability is the function ec_glob of the component EditorConfig Parser. The manipulation results in stack-based buffer overflow.

This vulnerability is reported as CVE-2026-40489. The attack requires a local approach. No exploit exists.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More