Volerion logoVolerion
Volerion logoVolerion

Malwarebytes and Nebula Stack Buffer Out-of-Bounds Access Vulnerability Leading to Buffer Overflow

Vulnerability

A stack buffer out-of-bounds access vulnerability has been identified in Malwarebytes versions 4.6.14.326 and prior, as well as in Malwarebytes 5 versions prior to 5.1.5.116. This issue also affects the Nebula platform in versions through June 2024. The vulnerability arises from an integer underflow when processing newline characters, which can be exploited to cause a heap-based buffer overflow.

Impact

Exploitation of this vulnerability leads to a heap-based buffer overflow, which can commonly result in arbitrary code execution.

Remediation

Users are advised to upgrade to Malwarebytes 4 versions 4.6.14.326 and later, or Malwarebytes 5 versions 5.1.5.116 and later. For the Nebula platform, upgrade to version 2.0.0.64 or later for the Endpoint Agent, and version 4.6.17.334 or later for the Protection Service.

Added: Aug 14, 2025, 6:44 PM
Updated: Aug 14, 2025, 6:44 PM

Vulnerability Rating

Custom Algorithm
spread
7.8
impact
10.0
exploitability
3.3
remediation
7.7
relevance
0.4
threat
0.0
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.