Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-17bv-8sdu-t7ga
Vulnerability ID VCID-17bv-8sdu-t7ga
Aliases CVE-2012-4463
Summary GNU Midnight Commander does not properly sanitize environment variables, possibly resulting in execution of arbitrary code or Denial of Service.
Status Published
Exploitability 0.5
Weighted Severity 0.0
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.00638 https://api.first.org/data/v1/epss?cve=CVE-2012-4463
epss 0.00638 https://api.first.org/data/v1/epss?cve=CVE-2012-4463
epss 0.00638 https://api.first.org/data/v1/epss?cve=CVE-2012-4463
epss 0.00638 https://api.first.org/data/v1/epss?cve=CVE-2012-4463
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4463.json
https://api.first.org/data/v1/epss?cve=CVE-2012-4463
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4463
689571 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689571
862813 https://bugzilla.redhat.com/show_bug.cgi?id=862813
GLSA-201402-18 https://security.gentoo.org/glsa/201402-18
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.71
EPSS Score 0.00638
Published At June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-11T18:18:35.160251+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/201402-18 38.6.0