Primary

Context

VirtualTablet Server Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in VirtualTablet Server version 3.0.2. This issue allows attackers to crash the service by sending oversized string payloads through the Thrift protocol. Exploitation involves sending a long string to the send_say() method, which causes the server to become unresponsive.

Impact

Exploitation of this vulnerability leads to a crash of the VirtualTablet Server, causing it to become unresponsive.

Reproduction

The vulnerability can be reproduced by sending a long string payload through the Thrift protocol to the send_say() method. This can be done using a Thrift client that connects to the VirtualTablet Server.

Added: Feb 3, 2026, 10:42 PM

Updated: Feb 3, 2026, 10:42 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.7

remediation

0.0

relevance

2.6

threat

6.4

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.7

remediation

0.0

relevance

2.6

threat

6.4

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

VirtualTablet Server Denial-of-Service Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating