Description
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms.This issue affects rapidvms: before PR#96.
Published: 2026-03-24
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Buffer overflow
Action: Patch
AI Analysis

Impact

An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability—CWE-119—exists in linkingvision rapidvms. The vulnerability allows data to be written beyond the intended memory buffer, but the official description does not elaborate on the exact operational consequences.

Affected Systems

RapidVMS installations that were in use before the code changes introduced in pull request #96 are considered vulnerable. No specific version numbers are provided, so any release prior to that pull request should be treated as affected.

Risk and Exploitability

The CVSS base score of 7.8 classifies this defect as high severity. Exploit probability information is not available and the issue has not been listed in the Known Exploited Vulnerabilities catalog, so the risk of exploitation remains uncertain. The description does not specify the attack vector, therefore the accessibility and conditions required for exploitation cannot be determined from the available data.

Generated by OpenCVE AI on March 24, 2026 at 09:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply a RapidVMS update that includes the changes from pull request #96 or later.

Generated by OpenCVE AI on March 24, 2026 at 09:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 20 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:linkingvision:rapidvms:-:*:*:*:*:*:*:*

Tue, 24 Mar 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 24 Mar 2026 10:45:00 +0000

Type Values Removed Values Added
First Time appeared Linkingvision
Linkingvision rapidvms
Vendors & Products Linkingvision
Linkingvision rapidvms

Tue, 24 Mar 2026 06:15:00 +0000

Type Values Removed Values Added
Description Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms.This issue affects rapidvms: before PR#96.
Title Improper Restriction of Operations within the Bounds of a Memory Buffer in linkingvision rapidvms
Weaknesses CWE-119
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

Subscriptions

Linkingvision Rapidvms
cve-icon MITRE

Status: PUBLISHED

Assigner: GovTech CSG

Published:

Updated: 2026-03-24T14:15:58.916Z

Reserved: 2026-03-24T05:46:40.229Z

Link: CVE-2026-33847

cve-icon Vulnrichment

Updated: 2026-03-24T14:15:55.691Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-24T06:16:21.670

Modified: 2026-04-20T20:19:54.100

Link: CVE-2026-33847

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-25T20:39:56Z

Weaknesses