VYPR
Medium severity4.3NVD Advisory· Published Feb 27, 2026· Updated May 10, 2026

CVE-2026-20797

CVE-2026-20797

Description

A stack based buffer overflow exists in an API route of XWEB Pro version 1.12.1 and prior, enabling unauthenticated attackers to cause stack corruption and a termination of the program.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7
  • cpe:2.3:o:copeland:xweb_300d_pro_firmware:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:copeland:xweb_300d_pro_firmware:*:*:*:*:*:*:*:*range: <=1.12.1
    • cpe:2.3:o:copeland:xweb_500d_pro_firmware:*:*:*:*:*:*:*:*range: <=1.12.1
  • cpe:2.3:o:copeland:xweb_500b_pro_firmware:*:*:*:*:*:*:*:*
    Range: <=1.12.1
  • Copeland/XWEB Prollm-create
    Range: <=1.12.1
  • Copeland/Copeland XWEB 300D PROv5
    Range: 0
  • Copeland/Copeland XWEB 500B PROv5
    Range: 0
  • Copeland/Copeland XWEB 500D PROv5
    Range: 0

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.