Description
Use After Free vulnerability in No-Chicken Echo-Mate.This issue affects Echo-Mate: before V250329.
Published: 2026-03-24
Score: 6.4 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Possible arbitrary code execution
Action: Patch Now
AI Analysis

Impact

The vulnerability is a Use After Free in No-Chicken Echo-Mate. It allows an attacker to access or overwrite memory that has already been freed, potentially corrupting the program state. This memory corruption can enable arbitrary code execution or trigger a denial of service. While the description references the risk of arbitrary code execution, its impact on confidentiality, integrity, or availability is inferred rather than explicitly stated in the advisory.

Affected Systems

All releases of No-Chicken Echo-Mate prior to version V250329 are affected. Users running any of these earlier builds should consider them compromised until updated to the patched version.

Risk and Exploitability

The CVSS score of 6.4 indicates moderate severity. No EPSS data is provided, and the vulnerability is not listed in the KEV catalog, suggesting no known widespread exploitation. The attack vector is not specified in the CVE, but a Use After Free typically requires the attacker to interact with the application—either locally or remotely—depending on how Echo-Mate is deployed. It is inferred that the attacker would need to supply crafted input that triggers the free operation and then subsequently references the freed memory. No documented exploitation has been found.

Generated by OpenCVE AI on March 24, 2026 at 07:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Echo-Mate to version V250329 or newer
  • If an upgrade is not immediately possible, isolate the application from untrusted inputs or disable the feature that triggers the free operation
  • Verify that the upgrade mitigates the vulnerability and monitor for anomalous behavior

Generated by OpenCVE AI on March 24, 2026 at 07:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 24 Mar 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 24 Mar 2026 10:45:00 +0000

Type Values Removed Values Added
First Time appeared No-chicken
No-chicken echo-mate
Vendors & Products No-chicken
No-chicken echo-mate

Tue, 24 Mar 2026 06:15:00 +0000

Type Values Removed Values Added
Description Use After Free vulnerability in No-Chicken Echo-Mate.This issue affects Echo-Mate: before V250329.
Title Use After Free in No-Chicken Echo-Mate
Weaknesses CWE-416
References
Metrics cvssV3_1

{'score': 6.4, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

No-chicken Echo-mate
cve-icon MITRE

Status: PUBLISHED

Assigner: GovTech CSG

Published:

Updated: 2026-03-24T14:28:22.730Z

Reserved: 2026-03-24T05:38:57.073Z

Link: CVE-2026-4752

cve-icon Vulnrichment

Updated: 2026-03-24T14:28:19.272Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-24T06:16:23.553

Modified: 2026-03-24T15:53:48.067

Link: CVE-2026-4752

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-25T20:40:02Z

Weaknesses