CVE-2020-37161 HIGH

CVE-2020-37161: Wedding Slideshow Studio 1.36 - 'Name' Buffer Overflow

Vendor Wedding Slideshow Studio
Product Wedding Slideshow Studio
Weakness CWE-121
Published February 6, 2026
Last update February 17, 2026

CVSS base score

8.4/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Wedding Slideshow Studio 1.36 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the registration name field with malicious payload. Attackers can craft a specially designed payload to trigger remote code execution, demonstrating the ability to run system commands like launching the calculator.

Key dates

02Disclosure timeline

February 6, 2026 CVE published
February 17, 2026 Record updated