Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-evt3-ts2m-qqba
Vulnerability ID VCID-evt3-ts2m-qqba
Aliases CVE-2018-14346
Summary GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c).
Status Published
Exploitability 0.5
Weighted Severity 0.0
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.00496 https://api.first.org/data/v1/epss?cve=CVE-2018-14346
epss 0.00496 https://api.first.org/data/v1/epss?cve=CVE-2018-14346
epss 0.00496 https://api.first.org/data/v1/epss?cve=CVE-2018-14346
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2018-14346
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14346
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14347
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16430
904903 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904903
USN-4641-1 https://usn.ubuntu.com/4641-1/
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.66159
EPSS Score 0.00496
Published At June 4, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-04T16:40:15.338170+00:00 Debian Importer Import https://security-tracker.debian.org/tracker/data/json 38.6.0