Nothing stb Integer Overflow Vulnerability in stb_dupreplace Function

Vulnerability

A critical integer overflow vulnerability has been identified in the Nothing stb product, in versions prior to f056911. The issue arises in the stb_dupreplace function, where improper handling of integer values could be exploited, potentially leading to remote attacks. Nothing stb employs a continuous delivery model with rolling releases, so specific version details for affected or patched releases are not available.
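The advisory does not say which arithmetic in stb_dupreplace overflows. As an added example (not code from stb or from this advisory), the C below shows overflow-checked size computation in a duplicate-and-replace routine, the kind of operation the function name indicates; the names `dupreplace_checked` and `replace_size_ok`, and their signatures, are hypothetical.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: 1 if kept + count*dlen + 1 fits in size_t, else 0.
 * Assumes kept < SIZE_MAX, which holds for any strlen() result. */
int replace_size_ok(size_t kept, size_t count, size_t dlen)
{
    return dlen == 0 || count <= (SIZE_MAX - kept - 1) / dlen;
}

/* Hypothetical hardened duplicate-and-replace; not stb's implementation.
 * Returns a malloc'd copy of str with every occurrence of src replaced
 * by dest, or NULL on bad input, size overflow or allocation failure. */
char *dupreplace_checked(const char *str, const char *src, const char *dest)
{
    if (!str || !src || !dest) return NULL;
    size_t len = strlen(str), slen = strlen(src), dlen = strlen(dest);
    if (slen == 0) return NULL;          /* empty pattern would never advance */

    /* Count non-overlapping matches. */
    size_t count = 0;
    for (const char *p = str; (p = strstr(p, src)) != NULL; p += slen)
        count++;

    /* All sizes stay in size_t; count*slen <= len, so this cannot wrap. */
    size_t kept = len - count * slen;
    if (!replace_size_ok(kept, count, dlen))
        return NULL;                     /* refuse instead of under-allocating */
    size_t total = kept + count * dlen;

    char *out = malloc(total + 1);
    if (!out) return NULL;

    char *w = out;
    const char *p = str, *hit;
    while ((hit = strstr(p, src)) != NULL) {
        size_t gap = (size_t)(hit - p);
        memcpy(w, p, gap);     w += gap; /* text before the match */
        memcpy(w, dest, dlen); w += dlen;
        p = hit + slen;
    }
    memcpy(w, p, len - (size_t)(p - str) + 1); /* tail plus terminating NUL */
    return out;
}
```

The point of the check is that the allocation size and the number of bytes later copied come from the same, non-wrapping computation; a wrapped size would produce a buffer smaller than the data written into it.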

Impact

Exploitation of this vulnerability could lead to arbitrary code execution or cause a denial-of-service condition, allowing for disruption of service or application functionality.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 4.7
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.