CVE-2026-22189 · CRITICAL 9.8 · EPSS percentile 34.7%

Description

The egg-mkfont utility in Panda3D versions up to and including 1.10.16 contains a stack-based buffer overflow vulnerability due to use of an unbounded sprintf() call with attacker-controlled input. When constructing glyph filenames, egg-mkfont formats a user-supplied glyph pattern (-gp) into a fixed-size stack buffer without length validation. Supplying an excessively long glyph pattern string can overflow the stack buffer, resulting in memory corruption and a deterministic crash. Depending on build configuration and execution environment, the overflow may also be exploitable for arbitrary code execution.

Scoring

CVSS 3.1: 9.8 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.44% probability of exploitation · percentile 34.7% · as of 2026-06-19T12:03:05Z
Published: 2026-01-07
Last modified: 2026-05-26

Underlying weaknesses · 2

CWE-121, CWE-787

References

  1. https://github.com/panda3d/panda3d
  2. https://seclists.org/fulldisclosure/2026/Jan/10
  3. https://www.panda3d.org/
  4. https://www.vulncheck.com/advisories/panda3d-egg-mkfont-stack-buffer-overflow

Weakness mappings · 2

Type      | Target                                  | Confidence | Tier
Weakness  | Stack-based Buffer Overflow (CWE-121)   | 0%         | live
Weakness  | Out-of-bounds Write (CWE-787)           | 0%         | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus:

  CVE-2026-50256, CVE-2025-15273, CVE-2025-15275, CVE-2025-15274, CVE-2026-1489, CVE-2025-15272
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.