happyfish100 libfastcommon base64.c base64_decode stack-based overflow_CVE-2026-2016

4.8 / 10

MEDIUM

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A security vulnerability has been detected in happyfish100 libfastcommon up to 1.0.84. Affected by this vulnerability is the function base64_decode of the file src/base64.c. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used. The identifier of the patch is 82f66af3e252e3e137dba0c3891570f085e79adf. Applying a patch is the recommended action to fix this issue.

Basic Information

ID CVE-2026-2016

Source VulDB

Published Feb 6, 2026 at 11:02

Affected Product

Vendor happyfish100

Product libfastcommon

Version 1.0.0

Affected Versions happyfish100 libfastcommon 1.0.0
happyfish100 libfastcommon 1.0.1
happyfish100 libfastcommon 1.0.2
happyfish100 libfastcommon 1.0.3
happyfish100 libfastcommon 1.0.4
happyfish100 libfastcommon 1.0.5
happyfish100 libfastcommon 1.0.6
happyfish100 libfastcommon 1.0.7
happyfish100 libfastcommon 1.0.8
happyfish100 libfastcommon 1.0.9
happyfish100 libfastcommon 1.0.10
happyfish100 libfastcommon 1.0.11
happyfish100 libfastcommon 1.0.12
happyfish100 libfastcommon 1.0.13
happyfish100 libfastcommon 1.0.14
happyfish100 libfastcommon 1.0.15
happyfish100 libfastcommon 1.0.16
happyfish100 libfastcommon 1.0.17
happyfish100 libfastcommon 1.0.18
happyfish100 libfastcommon 1.0.19
happyfish100 libfastcommon 1.0.20
happyfish100 libfastcommon 1.0.21
happyfish100 libfastcommon 1.0.22
happyfish100 libfastcommon 1.0.23
happyfish100 libfastcommon 1.0.24
happyfish100 libfastcommon 1.0.25
happyfish100 libfastcommon 1.0.26
happyfish100 libfastcommon 1.0.27
happyfish100 libfastcommon 1.0.28
happyfish100 libfastcommon 1.0.29
happyfish100 libfastcommon 1.0.30
happyfish100 libfastcommon 1.0.31
happyfish100 libfastcommon 1.0.32
happyfish100 libfastcommon 1.0.33
happyfish100 libfastcommon 1.0.34
happyfish100 libfastcommon 1.0.35
happyfish100 libfastcommon 1.0.36
happyfish100 libfastcommon 1.0.37
happyfish100 libfastcommon 1.0.38
happyfish100 libfastcommon 1.0.39
happyfish100 libfastcommon 1.0.40
happyfish100 libfastcommon 1.0.41
happyfish100 libfastcommon 1.0.42
happyfish100 libfastcommon 1.0.43
happyfish100 libfastcommon 1.0.44
happyfish100 libfastcommon 1.0.45
happyfish100 libfastcommon 1.0.46
happyfish100 libfastcommon 1.0.47
happyfish100 libfastcommon 1.0.48
happyfish100 libfastcommon 1.0.49
happyfish100 libfastcommon 1.0.50
happyfish100 libfastcommon 1.0.51
happyfish100 libfastcommon 1.0.52
happyfish100 libfastcommon 1.0.53
happyfish100 libfastcommon 1.0.54
happyfish100 libfastcommon 1.0.55
happyfish100 libfastcommon 1.0.56
happyfish100 libfastcommon 1.0.57
happyfish100 libfastcommon 1.0.58
happyfish100 libfastcommon 1.0.59
happyfish100 libfastcommon 1.0.60
happyfish100 libfastcommon 1.0.61
happyfish100 libfastcommon 1.0.62
happyfish100 libfastcommon 1.0.63
happyfish100 libfastcommon 1.0.64
happyfish100 libfastcommon 1.0.65
happyfish100 libfastcommon 1.0.66
happyfish100 libfastcommon 1.0.67
happyfish100 libfastcommon 1.0.68
happyfish100 libfastcommon 1.0.69
happyfish100 libfastcommon 1.0.70
happyfish100 libfastcommon 1.0.71
happyfish100 libfastcommon 1.0.72
happyfish100 libfastcommon 1.0.73
happyfish100 libfastcommon 1.0.74
happyfish100 libfastcommon 1.0.75
happyfish100 libfastcommon 1.0.76
happyfish100 libfastcommon 1.0.77
happyfish100 libfastcommon 1.0.78
happyfish100 libfastcommon 1.0.79
happyfish100 libfastcommon 1.0.80
happyfish100 libfastcommon 1.0.81
happyfish100 libfastcommon 1.0.82
happyfish100 libfastcommon 1.0.83
happyfish100 libfastcommon 1.0.84

CWE Classification

CWE-121 CWE-119

References

{
    "lastseen": "",
    "description": "A security vulnerability has been detected in happyfish100 libfastcommon up to 1.0.84. Affected by this vulnerability is the function base64_decode of the file src/base64.c. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used. The identifier of the patch is 82f66af3e252e3e137dba0c3891570f085e79adf. Applying a patch is the recommended action to fix this issue.",
    "published": "2026-02-06T11:02:08.107Z",
    "modified": "2026-02-06T11:02:08.107Z",
    "type": "cve",
    "title": "happyfish100 libfastcommon base64.c base64_decode stack-based overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.344598\nhttps://vuldb.com/?ctiid.344598\nhttps://vuldb.com/?submit.743873\nhttps://github.com/happyfish100/libfastcommon/issues/55\nhttps://github.com/happyfish100/libfastcommon/issues/55#issuecomment-3776757848\nhttps://github.com/happyfish100/libfastcommon/issues/55#issue-3836362577\nhttps://github.com/happyfish100/libfastcommon/commit/82f66af3e252e3e137dba0c3891570f085e79adf\nhttps://github.com/happyfish100/libfastcommon/",
    "id": "CVE-2026-2016",
    "bulletinFamily": "",
    "cwe": [
        "CWE-121",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "happyfish100 libfastcommon 1.0.0\nhappyfish100 libfastcommon 1.0.1\nhappyfish100 libfastcommon 1.0.2\nhappyfish100 libfastcommon 1.0.3\nhappyfish100 libfastcommon 1.0.4\nhappyfish100 libfastcommon 1.0.5\nhappyfish100 libfastcommon 1.0.6\nhappyfish100 libfastcommon 1.0.7\nhappyfish100 libfastcommon 1.0.8\nhappyfish100 libfastcommon 1.0.9\nhappyfish100 libfastcommon 1.0.10\nhappyfish100 libfastcommon 1.0.11\nhappyfish100 libfastcommon 1.0.12\nhappyfish100 libfastcommon 1.0.13\nhappyfish100 libfastcommon 1.0.14\nhappyfish100 libfastcommon 1.0.15\nhappyfish100 libfastcommon 1.0.16\nhappyfish100 libfastcommon 1.0.17\nhappyfish100 libfastcommon 1.0.18\nhappyfish100 libfastcommon 1.0.19\nhappyfish100 libfastcommon 1.0.20\nhappyfish100 libfastcommon 1.0.21\nhappyfish100 libfastcommon 1.0.22\nhappyfish100 libfastcommon 1.0.23\nhappyfish100 libfastcommon 1.0.24\nhappyfish100 libfastcommon 1.0.25\nhappyfish100 libfastcommon 1.0.26\nhappyfish100 libfastcommon 1.0.27\nhappyfish100 libfastcommon 1.0.28\nhappyfish100 libfastcommon 1.0.29\nhappyfish100 libfastcommon 1.0.30\nhappyfish100 libfastcommon 1.0.31\nhappyfish100 libfastcommon 1.0.32\nhappyfish100 libfastcommon 1.0.33\nhappyfish100 libfastcommon 1.0.34\nhappyfish100 libfastcommon 1.0.35\nhappyfish100 libfastcommon 1.0.36\nhappyfish100 libfastcommon 1.0.37\nhappyfish100 libfastcommon 1.0.38\nhappyfish100 libfastcommon 1.0.39\nhappyfish100 libfastcommon 1.0.40\nhappyfish100 libfastcommon 1.0.41\nhappyfish100 libfastcommon 1.0.42\nhappyfish100 libfastcommon 1.0.43\nhappyfish100 libfastcommon 1.0.44\nhappyfish100 libfastcommon 1.0.45\nhappyfish100 libfastcommon 1.0.46\nhappyfish100 libfastcommon 1.0.47\nhappyfish100 libfastcommon 1.0.48\nhappyfish100 libfastcommon 1.0.49\nhappyfish100 libfastcommon 1.0.50\nhappyfish100 libfastcommon 1.0.51\nhappyfish100 libfastcommon 1.0.52\nhappyfish100 libfastcommon 1.0.53\nhappyfish100 libfastcommon 1.0.54\nhappyfish100 libfastcommon 1.0.55\nhappyfish100 libfastcommon 1.0.56\nhappyfish100 libfastcommon 1.0.57\nhappyfish100 libfastcommon 1.0.58\nhappyfish100 libfastcommon 1.0.59\nhappyfish100 libfastcommon 1.0.60\nhappyfish100 libfastcommon 1.0.61\nhappyfish100 libfastcommon 1.0.62\nhappyfish100 libfastcommon 1.0.63\nhappyfish100 libfastcommon 1.0.64\nhappyfish100 libfastcommon 1.0.65\nhappyfish100 libfastcommon 1.0.66\nhappyfish100 libfastcommon 1.0.67\nhappyfish100 libfastcommon 1.0.68\nhappyfish100 libfastcommon 1.0.69\nhappyfish100 libfastcommon 1.0.70\nhappyfish100 libfastcommon 1.0.71\nhappyfish100 libfastcommon 1.0.72\nhappyfish100 libfastcommon 1.0.73\nhappyfish100 libfastcommon 1.0.74\nhappyfish100 libfastcommon 1.0.75\nhappyfish100 libfastcommon 1.0.76\nhappyfish100 libfastcommon 1.0.77\nhappyfish100 libfastcommon 1.0.78\nhappyfish100 libfastcommon 1.0.79\nhappyfish100 libfastcommon 1.0.80\nhappyfish100 libfastcommon 1.0.81\nhappyfish100 libfastcommon 1.0.82\nhappyfish100 libfastcommon 1.0.83\nhappyfish100 libfastcommon 1.0.84",
    "sourceHref": "",
    "cvss": {
        "score": 4.8,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "libfastcommon",
    "version": "1.0.0",
    "vendor": "happyfish100",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}