Description
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ixray-team ixray-1.6-stcop.This issue affects ixray-1.6-stcop: before 1.3.
Published: 2026-01-27
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Patch
AI Analysis

Impact

The vulnerability involves an infinite loop caused by an unreachable exit condition. An attacker can trigger this loop, exhausting CPU and memory resources, which results in a denial of service. This flaw is categorized as CWE‑835, an infinite loop weakness.

Affected Systems

The affected product is ix-ray engine 1.6, distributed as ixray-1.6-stcop by ixray-Team. Versions before 1.3 are impacted. No other versions have been identified as affected.

Risk and Exploitability

The base CVSS score is 7.5, indicating high severity. EPSS is less than 1%, suggesting low current exploitation likelihood, and the vulnerability is not listed in the CISA KEV catalog. The loop is likely triggered by normal execution of the engine, so an attacker could induce a denial of service by supplying heavy input or by simply letting the process run. No explicit remote network vector is disclosed; the issue appears to be local or privilege-based.

Generated by OpenCVE AI on April 18, 2026 at 02:12 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade ixray-1.6-stcop to version 1.3 or later, which resolves the loop condition.
  • If an upgrade is not immediately possible, restart the ix-ray engine frequently or run it under a process supervisor with resource limits to mitigate the DoS impact.
  • Monitor system CPU and memory metrics for abrupt spikes that may indicate the loop is active.

Generated by OpenCVE AI on April 18, 2026 at 02:12 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 05 Feb 2026 17:15:00 +0000

Type Values Removed Values Added
First Time appeared Ixray-team ix-ray Engine 1.6
CPEs cpe:2.3:a:ixray-team:ix-ray_engine_1.6:*:*:*:*:*:*:*:*
Vendors & Products Ixray-team ix-ray Engine 1.6

Tue, 27 Jan 2026 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 27 Jan 2026 20:30:00 +0000

Type Values Removed Values Added
First Time appeared Ixray-team
Ixray-team ixray
Vendors & Products Ixray-team
Ixray-team ixray

Tue, 27 Jan 2026 16:00:00 +0000

Type Values Removed Values Added
Description Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ixray-team ixray-1.6-stcop.This issue affects ixray-1.6-stcop: before 1.3.
Title Infinite loop (DoS) in ixray-1.6-stcop
Weaknesses CWE-835
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

Subscriptions

Ixray-team Ix-ray Engine 1.6 Ixray
cve-icon MITRE

Status: PUBLISHED

Assigner: GovTech CSG

Published:

Updated: 2026-01-27T21:35:42.573Z

Reserved: 2026-01-27T08:59:05.366Z

Link: CVE-2026-24831

cve-icon Vulnrichment

Updated: 2026-01-27T21:07:17.727Z

cve-icon NVD

Status : Analyzed

Published: 2026-01-27T16:16:35.903

Modified: 2026-02-05T17:02:35.337

Link: CVE-2026-24831

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T02:15:05Z

Weaknesses