VYPR
Medium severity5.0NVD Advisory· Published Jan 28, 2020· Updated Jun 17, 2026

CVE-2020-5211

CVE-2020-5211

Description

In NetHack before 3.6.5, an invalid extended command in value for the AUTOCOMPLETE configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files. Users should upgrade to NetHack 3.6.5.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Nethack/Nethackllm-fuzzy2 versions
    <3.6.5+ 1 more
    • (no CPE)range: <3.6.5
    • (no CPE)range: < 3.6.5

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.