CVE-2026-24826 CRITICAL

CVE-2026-24826: Out-of-bounds write in turso3d

Vendor Cadaver
Product turso3d
Weakness CWE-787
Published January 27, 2026
Last update January 29, 2026

CVSS base score

10.0/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

What the vulnerability does

01Description

Out-of-bounds Write, Divide By Zero, NULL Pointer Dereference, Use of Uninitialized Resource, Out-of-bounds Read, Reachable Assertion vulnerability in cadaver turso3d.This issue affects .

Key dates

02Disclosure timeline

January 27, 2026 CVE published
January 29, 2026 Record updated