USCiLab Cereal Shared Pointer type confusion_CVE-2026-11463

6.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was determined in USCiLab Cereal up to 1.3.2. Affected is an unknown function of the component Shared Pointer Handler. Executing a manipulation can lead to type confusion. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure.

Basic Information

ID CVE-2026-11463

Source VulDB

Published Jun 7, 2026 at 22:15

Affected Product

Vendor USCiLab

Product Cereal

Version 1.3.0

Affected Versions USCiLab Cereal 1.3.0
USCiLab Cereal 1.3.1
USCiLab Cereal 1.3.2

CWE Classification

CWE-843

References

{
    "lastseen": "",
    "description": "A vulnerability was determined in USCiLab Cereal up to 1.3.2. Affected is an unknown function of the component Shared Pointer Handler. Executing a manipulation can lead to type confusion. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure.",
    "published": "2026-06-07T22:15:12.845Z",
    "modified": "2026-06-07T22:15:12.845Z",
    "type": "cve",
    "title": "USCiLab Cereal Shared Pointer type confusion",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/369083\nhttps://vuldb.com/vuln/369083/cti\nhttps://vuldb.com/cve/CVE-2026-11463\nhttps://vuldb.com/submit/814456\nhttps://github.com/USCiLab/cereal/issues/870\nhttps://gist.github.com/TrebledJ/0223c1fa3c3fd64e2c7047b8a4385ec0\nhttps://github.com/USCiLab/cereal/",
    "id": "CVE-2026-11463",
    "bulletinFamily": "",
    "cwe": [
        "CWE-843"
    ],
    "cvelist": null,
    "sourceData": "USCiLab Cereal 1.3.0\nUSCiLab Cereal 1.3.1\nUSCiLab Cereal 1.3.2",
    "sourceHref": "",
    "cvss": {
        "score": 6.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Cereal",
    "version": "1.3.0",
    "vendor": "USCiLab",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}