Description
Audiograbber 1.83 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Attackers can craft malicious input in the Interpret or Album fields that triggers a buffer overflow, overwriting SEH pointers and executing injected shellcode with application privileges.
Published: 2026-05-23
Score: 8.6 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Audiograbber 1.83 contains a local buffer overflow that can be triggered by malformed input in the Interpret or Album fields. The overflow overwrites structured exception handling (SEH) pointers, allowing an attacker to launch arbitrary code with the privileges of the application. This can lead to full compromise of the local system where the software is running.

Affected Systems

The vulnerability affects the Audiograbber application, specifically version 1.83. No additional vendor or product variants are listed.

Risk and Exploitability

The CVSS score of 8.6 indicates high severity. An attacker would need local access to the machine or the ability to supply crafted input to the program. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog, suggesting no widespread exploitation reports yet. However, the potential for code execution remains high for any user running the affected application.

Generated by OpenCVE AI on May 23, 2026 at 19:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Audiograbber to a patched version once the vendor releases one. If no update is available, uninstall the application or disable the Interpret and Album input fields to remove the entry point; back up the configuration before making changes. Apply strict account controls and run the application with the least privilege needed; if possible, confine the software in a sandbox or container to limit the impact of potential exploitation.
  • Check the Audiograbber website regularly for security updates and apply any available patches as soon as they are released.
  • If a patch is not available, consider uninstalling the application or isolating it in a sandbox environment with minimal privileges, and monitor for any suspicious activity.

Advisories

No advisories yet.

History

Sat, 23 May 2026 20:15:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Audiograbber; Audiograbber audiograbber
Vendors & Products | | Audiograbber; Audiograbber audiograbber

Sat, 23 May 2026 18:45:00 +0000

Type | Values Removed | Values Added
Description | | Audiograbber 1.83 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Attackers can craft malicious input in the Interpret or Album fields that triggers a buffer overflow, overwriting SEH pointers and executing injected shellcode with application privileges.
Title | | Audiograbber 1.83 Local Buffer Overflow via SEH
Weaknesses | | CWE-120
References | |
Metrics | | cvssV3_1: {'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}; cvssV4_0: {'score': 8.6, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Audiograbber Audiograbber
MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-23T18:30:54.959Z

Reserved: 2026-05-23T16:22:59.669Z

Link: CVE-2018-25355

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-23T20:00:11Z

Weaknesses