Description
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms.This issue affects rapidvms: before PR#96.
Published: 2026-03-24
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Apply Patch
AI Analysis

Impact

The vulnerability is a buffer overflow caused by improper restriction of operations within the bounds of a memory buffer. Classified as CWE-119, this flaw allows an attacker to overwrite adjacent memory, potentially leading to arbitrary code execution or a denial of service. The CVSS score of 8.8 reflects the high potential impact of this weakness.

Affected Systems

The flaw affects Linkingvision Rapidvms for any version released before the fix in pull request #96. Specific version numbers are not listed, so any pre-PR-96 build is considered vulnerable. The affected product is linkingvision:rapidvms.

Risk and Exploitability

The CVSS score of 8.8 indicates a high severity, and the epidemic spread likelihood is not available, as the EPSS score is not provided. The vulnerability is not listed in the CISA KEV catalog. The likely attack vector is remote, because a buffer overflow can be triggered by an attacker sending crafted data over an exposed interface; based on the description, it is inferred that untrusted input could trigger the overflow. Consequently, systems exposing Rapidvms to untrusted traffic are at significant risk unless mitigated.

Generated by OpenCVE AI on March 24, 2026 at 07:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the patch contained in pull request #96 to Rapidvms.
  • Restart any services that depend on Rapidvms after applying the patch.
  • Verify that the patched version is running by checking the application version, and review logs for abnormal activity.

Generated by OpenCVE AI on March 24, 2026 at 07:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 20 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:linkingvision:rapidvms:-:*:*:*:*:*:*:*

Tue, 24 Mar 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 24 Mar 2026 10:45:00 +0000

Type Values Removed Values Added
First Time appeared Linkingvision
Linkingvision rapidvms
Vendors & Products Linkingvision
Linkingvision rapidvms

Tue, 24 Mar 2026 06:15:00 +0000

Type Values Removed Values Added
Description Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms.This issue affects rapidvms: before PR#96.
Title Improper Restriction of Operations within the Bounds of a Memory Buffer in linkingvision rapidvms
Weaknesses CWE-119
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

Subscriptions

Linkingvision Rapidvms
cve-icon MITRE

Status: PUBLISHED

Assigner: GovTech CSG

Published:

Updated: 2026-03-24T14:17:00.767Z

Reserved: 2026-03-24T05:46:40.230Z

Link: CVE-2026-33848

cve-icon Vulnrichment

Updated: 2026-03-24T14:16:57.974Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-24T06:16:21.927

Modified: 2026-04-20T20:20:12.130

Link: CVE-2026-33848

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-25T20:39:58Z

Weaknesses