ID:12786 - Exploit for Stack-based buffer overflow in libyang
Published: July 1, 2026
Vulnerability identifier: #VU136055
Vulnerability risk: Medium
CVE-ID: N/A
CWE-ID: CWE-121
Exploitation vector: Remote access
Vulnerable software:
libyang
libyang
Link to public exploit:
Vulnerability description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in lysc_update_path. A remote attacker can trigger stack-based buffer overflow and cause a denial of service condition on the target system.
Remediation
Install updates from vendor's website.