CVE-2026-40489 - editorconfig-core-c has incomplete fix for CVE-2023-0341
CVE ID :CVE-2026-40489 Published : April 18, 2026, 2:16 a.m. | 25 minutes ago Description :editorconfig-core-c is an EditorConfig core library for use by plugins supporting EditorConfig parsing. Versions up to and including 0.12.10 have a stack-based buffer overflow in ec_glob() that allows a
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] GHSA-9J88-VVJ5-VHGR: GHSA-9j88-vvj5-vhgr: STARTTLS Response Injection and SASL Downgrade in MailKit
- [CYBER] Apple account change alerts abused to send phishing emails
- [CYBER] Vercel Says Internal Systems Hit in Breach
- [CYBER] Vercel Says Internal Systems Hit in Breach
- [CYBER] Three Vulnerabilities That Quietly Rewrote the Threat Model in 2025
- [CYBER] Found and reported a Second-Order SQL Injection in mailcow (CVE-2026-40871) – High severity