High severity8.4NVD Advisory· Published Mar 28, 2026· Updated May 1, 2026
CVE-2016-20037
CVE-2016-20037
Description
xwpe 1.5.30a-2.1 and prior contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying overly long input strings that exceed buffer boundaries. Attackers can craft malicious command-line arguments with 262 bytes of junk data followed by shellcode to overwrite the instruction pointer and achieve code execution or denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <=1.5.30a-2.1
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.