In __mfc_handle_released_buf of mfc_core_isr.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2026-0116
NONE
EPSS 0.04%
Updated Mar 10, 2026
In
CVE Details
CVE ID
CVE-2026-0116
Published Date
Mar 10, 2026
Vendor
In
Severity
NONE
Exploit Prediction (EPSS)
Probability of Exploit
0.04%
Likelihood of exploitation in next 30 days
Percentile:
11.0th percentile (higher than 11.0% of all CVEs)
Standard patching cycle
Impact
Minimal impact
Source
View Advisory