CVE-2026-3390 - FascinatedBox lily Error Reporting lily_build_error.c patch_line_end out-of-bounds

CVE ID : CVE-2026-3390 Published : March 1, 2026, 10:16 a.m. | 19 minutes ago Description : A vulnerability was identified in FascinatedBox lily up to 2.3. This issue affects the function patch_line_end of the file src/lily_build_error.c of the component Error Reporting. The manipulation leads to out-of-bounds read. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...