CVE-2026-57881

PUBLISHED

Published: 26 Jun 2026, 07:17

Last modified:26 Jun 2026, 07:17

Vulnerability Summary

Overall Risk (default)

high

70/100

CVSS Score

9.8 CRITICAL

v3.1 (cve.org)

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

26 Jun 2026, 07:17

Published

Vulnerability first disclosed

Description

An unauthenticated stack-based buffer overflow vulnerability exists in vlsvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient length validation when processing remote login data. A remote attacker may exploit this vulnerability by sending crafted login data with overly long input, resulting in memory corruption, denial of service, or potentially arbitrary code execution.

CVSS Metrics

v3.1•CRITICAL•Score: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Techniques & Countermeasures

CWE-121•Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Affected Systems

geovision inc.•gv-lpclpc2011/2211
1.12

References (1)

https://www.geovision.com.tw/cyber_security.php