← back
CVE-2026-50593

CVE-2026-50593

CVSS 7.3 HIGHEPSS 0.1%CWE-191
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.3EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
05 Jun 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actions, because slotat does not ensure that an offset is within the allowed slot-map range.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H
Affected products
Graphite project · Graphite

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/silnrsi/graphite/commit/ad78c6b7319909e1540c1b134e115ced03417866https://github.com/silnrsi/graphite/compare/1.3.14...1.3.15