CVE-2026-13574 | llvm llvm-project up to 22.1.6 Bitcode File IntrinsicInst.cpp getBasePtr heap-based overflow (Issue 199191)
A vulnerability marked as problematic has been reported in llvm llvm-project up to 22.1.6. This impacts the function GCRelocateInst::getBasePtr in the library llvm/lib/IR/IntrinsicInst.cpp of the component Bitcode File Handler. This manipulation causes heap-based buffer overflow.
This vulnerability is handled as CVE-2026-13574. It is possible to launch the attack on the local host. Additionally, an exploit exists.
The project was informed of the problem early through an issue report but has not responded yet.VulDB Recent EntriesRead More