Description
CentSDR commit e40795 was discovered to contain a stack overflow in the "Thread1" function.
Published: 2026-04-15
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Potential Local Stack Overflow Leading to Exploitation
Action: Assess Impact
AI Analysis

Impact

The vulnerability arises from a stack overflow detected in the Thread1 function of CentSDR, as identified within commit e40795. A stack overflow typically permits an attacker to overwrite adjacent memory locations, potentially leading to unpredictable program behavior, crashes, or, in some contexts, arbitrary code execution. The CVE data does not describe a confirmed exploitation vector or the privileges required to trigger the overflow, so the exact scope of impact remains uncertain, though local or privileged access could be sufficient if a malicious input is processed by the vulnerable function.

Affected Systems

CentSDR installations that include commit e40795 are affected. No specific vendor or version information is supplied, so any instance of this software running the vulnerable code may be at risk.

Risk and Exploitability

No EPSS or KEV metrics are available, but the CVSS score is 7.5, indicating a high level of severity. Stack overflows are commonly considered high-severity because they can corrupt execution flow. In the absence of explicit exploitation evidence, the likelihood of immediate attacks is uncertain, but the potential for severe compromise exists if an attacker can supply crafted input or exploit the function during operation.

Generated by OpenCVE AI on April 15, 2026 at 22:27 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest CentSDR release or patch that addresses the stack overflow if one is released by the project maintainers.
  • Recompile the CentSDR source with compiler options that enable stack protection and bounds checking, such as -fstack-protector-strong and -D_FORTIFY_SOURCE=2, to mitigate the overflow until a formal fix is available.
  • Limit the privileges of the user or process running CentSDR and monitor system logs for abnormal crashes or exploitation attempts.

Advisories

No advisories yet.

History

Wed, 15 Apr 2026 22:45:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Title | | CentSDR Commit e40795 Stack Overflow in Thread1 Function |

Wed, 15 Apr 2026 21:15:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| First Time appeared | | Ttrftech; Ttrftech centsdr |
| Vendors & Products | | Ttrftech; Ttrftech centsdr |

Wed, 15 Apr 2026 18:30:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Weaknesses | | CWE-121 |
| Metrics | | cvssV3_1: {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}; ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'} |

Wed, 15 Apr 2026 15:00:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Description | | CentSDR commit e40795 was discovered to contain a stack overflow in the "Thread1" function. |
| References | | |

MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-15T17:49:52.557Z

Reserved: 2026-03-04T00:00:00.000Z

Link: CVE-2026-30364

Vulnrichment

Updated: 2026-04-15T17:49:47.770Z

NVD

Status: Received

Published: 2026-04-15T15:16:41.427

Modified: 2026-04-15T18:16:59.420

Link: CVE-2026-30364

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-15T22:30:16Z

Weaknesses