Stack-based buffer overflow in otp - CVE-2026-49760
Published: July 2, 2026
otp
Detailed vulnerability description
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to stack-based buffer overflow in ei_s_print_term when processing an encoded Erlang term containing a very large integer. A remote attacker can supply specially crafted term data to cause a denial of service.
The issue is limited to the memory-printing function and does not affect the related ei_print_term function that writes to a FILE.