CVE-2026-3994 - Vulnerability Details

- rui314 mold Object File input-files.cc initialize_sections heap-based overflow

Description

A vulnerability was detected in rui314 mold up to 2.40.4. This issue affects the function mold::ObjectFilemold::X86_64::initialize_sections of the file src/input-files.cc of the component Object File Handler. Performing a manipulation results in heap-based buffer overflow. Attacking locally is a requirement. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

Published: 2026-03-12

Score: 4.8 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The described vulnerability is a heap-based buffer overflow in the function mold::ObjectFilemold::X86_64::initialize_sections located in src/input-files.cc of the mold compiler. It is triggered when an attacker manipulates input files, leading to memory corruption and potential program instability. The weakness is identified as CWE-119 and CWE-122 and can cause mold to crash or exhibit unintended memory writes.

Affected Systems

The vulnerability affects all releases of rui314 mold up to and including version 2.40.4. No later versions are listed as vulnerable in the provided information, and the description states that the issue exists in these earlier releases.

Risk and Exploitability

The CVSS score is 4.8, indicating medium severity, while the EPSS score is below 1 %, pointing to a low probability of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires local access, as noted in the description, and a public exploit has been demonstrated that triggers the overflow via crafted input files.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

rui314

mold

affected

Version	Status	Constraints
`2.40.0`	affected	—
`2.40.1`	affected	—
`2.40.2`	affected	—
`2.40.3`	affected	—
`2.40.4`	affected	—

No data.

Vendor Product Confidence Versions

Rui314

Mold

100%

Version	Status	Scheme	Platform
`2.40.0`	affected	semver	—
`2.40.1`	affected	semver	—
`2.40.2`	affected	semver	—
`2.40.3`	affected	semver	—
`2.40.4`	affected	semver	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Verify your current mold version to determine whether it is 2.40.4 or earlier.
If a vulnerable version is in use, restrict mold to trusted input files and run it inside a sandbox or container to contain possible memory corruption.
Monitor system logs and application behavior for crashes or abnormal memory usage that could indicate exploitation of this heap overflow.
Check the mold project's release notes or official advisories for a patch or update; apply any available fix as soon as it is released.

Generated by OpenCVE AI on March 18, 2026 at 16:06 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Local

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00017.

Exploitation poc

Automatable no

Technical Impact partial

References

Link	Providers
https://github.com/oneafter/0209/blob/main/mo2/repro
https://github.com/rui314/mold/
https://github.com/rui314/mold/issues/1548
https://vuldb.com/?ctiid.350476
https://vuldb.com/?id.350476
https://vuldb.com/?submit.769772

History

Fri, 13 Mar 2026 10:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Rui314 Rui314 mold
Vendors & Products		Rui314 Rui314 mold

Thu, 12 Mar 2026 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 12 Mar 2026 06:15:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability was detected in rui314 mold up to 2.40.4. This issue affects the function mold::ObjectFilemold::X86_64::initialize_sections of the file src/input-files.cc of the component Object File Handler. Performing a manipulation results in heap-based buffer overflow. Attacking locally is a requirement. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Title		rui314 mold Object File input-files.cc initialize_sections heap-based overflow
Weaknesses		CWE-119 CWE-122
References		https://github.com/oneafter/0209/blob/main/mo2/repro https://github.com/rui314/mold/ https://github.com/rui314/mold/issues/1548 https://vuldb.com/?ctiid.350476 https://vuldb.com/?id.350476 https://vuldb.com/?submit.769772
Metrics		cvssV2_0 `{'score': 4.3, 'vector': 'AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}` cvssV3_0 `{'score': 5.3, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}` cvssV3_1 `{'score': 5.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}` cvssV4_0 `{'score': 4.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}`

Subscriptions

Rui314 Mold

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-03-12T06:02:11.026Z

Updated: 2026-03-12T14:25:44.421Z

Reserved: 2026-03-11T16:55:36.872Z

Link: CVE-2026-3994

Vulnrichment

Updated: 2026-03-12T14:25:39.451Z

NVD

Status : Deferred

Published: 2026-03-12T06:16:32.167

Modified: 2026-04-22T21:30:26.497

Link: CVE-2026-3994

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-20T15:35:57Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Local

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Exploitation poc

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object