2 matches found
CVE-2026-11826 OpenPLC_v3 Heap-Based Buffer Overflow in Modbus Master getData()
OpenPLCv3 contains a heap-based buffer overflow in the getData function in webserver/core/modbusmaster.cpp. getData reads characters between two delimiters into a caller-supplied buffer with no size parameter and no bounds check. In parseConfig the function is invoked with the 100-byte...
CVE-2026-11826
OpenPLC_v3 has a heap-based buffer overflow in getData() within webserver/core/modbus_master.cpp. getData() copies data between delimiters into a caller-supplied buffer without size/bounds checks. parseConfig() uses a 100-byte heap-allocated MB_device.dev_name; an authenticated user can POST an o...