[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2026-42996":6},{"stargazers_count":4,"fetched_at":5},5,"2026-05-01T12:24:33.086Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":24,"related":25,"reserved_at":9,"published_at":26,"modified_at":26,"state":27,"summary":28,"references_raw":35,"kevs":48,"epss":9,"epss_history":49,"metrics":50,"affected":54},"CVE-2026-42996","JS8Call through 2.3.1 and JS8Call-improved before 3.0 have a stack-based buffer overflow via a radio transmission of @APRSIS GRID followed by a long Maidenhead locator. This occurs in \n\ngrid2deg in APRSISClient.cpp.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-121","Stack-based Buffer Overflow","A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).","weakness","Draft","Variant","High",[],[],[],[],[],[],[],"2026-05-01T06:42:58.858Z","PUBLISHED",{"cisa_kev":29,"cisa_ransomware":29,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":30,"severity_score":31,"severity_version":32,"severity_source":33,"severity_vector":34,"severity_status":27},false,"critical",10,"v4.0","cve.org","CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:P/AU:Y/R:U/V:D/RE:M/U:Green",[36,40,44],{"url":37,"sources":38,"tags":39},"https://github.com/JS8Call-improved/JS8Call-improved/security/advisories/GHSA-98hp-pjp7-w62x",[33],[],{"url":41,"sources":42,"tags":43},"https://amateur-radio-resources.sourceforge.io/PDF/JS8APRS.pdf",[33],[],{"url":45,"sources":46,"tags":47},"https://github.com/js8call/js8call/blob/fd721e8b67eed84cb3c09d018205ab9a53e1a8b1/APRSISClient.cpp#L89-L102",[33],[],[],[],[51],{"source":33,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":52},{"baseScore":31,"baseSeverity":53,"vectorString":34,"impactScore":9,"exploitabilityScore":9},"CRITICAL",[55,65],{"ecosystem":9,"name":56,"vendor":57,"product":57,"cpe_part":58,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":59},"JS8Call-improved","js8call-improved","a",[60],{"version":61,"is_range":62,"range_type":33,"version_start":9,"version_start_type":9,"version_end":63,"version_end_type":64,"fixed_in":9},"\u003C 3.0",true,"3.0","excluding",{"ecosystem":9,"name":66,"vendor":67,"product":67,"cpe_part":58,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":68},"JS8Call","js8call",[69],{"version":70,"is_range":62,"range_type":33,"version_start":9,"version_start_type":9,"version_end":71,"version_end_type":72,"fixed_in":9},"\u003C= 2.3.1","2.3.1","including"]