Nothing Stb Stack-Based Buffer Overflow Vulnerability in stb_include_string Function

Vulnerability

A critical stack-based buffer overflow vulnerability has been identified in Nothing's stb, affecting versions prior to f056911. The issue arises in the stb_include_string function, where improper handling of the path_to_includes argument creates the potential for remote exploitation.

Impact

Exploitation of this vulnerability leads to a stack-based buffer overflow, which can commonly result in arbitrary code execution or causing a crash.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Nothing Stb Stack-Based Buffer Overflow Vulnerability in stb_include_string Function

Vulnerability

Impact

Affected Products

Nothings stb

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating