VYPR

Furnace

by Tildearrow

Source repositories

CVEs (4)

  • CVE-2026-24800CriJan 27, 2026
    risk 0.65cvss epss 0.00

    Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in tildearrow furnace (extern/zlib modules). This vulnerability is associated with program files inflate.C.

  • CVE-2026-4732HigMar 24, 2026
    risk 0.48cvss epss 0.00

    Out-of-bounds Read vulnerability in tildearrow furnace (‎extern/libsndfile-modified/src modules). This vulnerability is associated with program files flac.C‎. This issue affects furnace: before 0.7.

  • CVE-2022-1289Apr 10, 2022
    risk 0.00cvss epss 0.01

    A denial of service vulnerability was found in tildearrow Furnace. It has been classified as problematic. This is due to an incomplete fix of CVE-2022-1211. It is possible to initiate the attack remotely but it requires user interaction. The issue got fixed with the patch…

  • CVE-2022-1211Apr 3, 2022
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in tildearrow Furnace dev73. This affects the FUR to VGM converter in console mode which causes stack-based overflows and crashes. It is possible to initiate the attack remotely but it requires user-interaction. A POC has…