CVE-2026-38754

CVE-2026-38754CVE-2026-38754

Description

A heap overflow in the ifsbreakup() function (shell/ash.c) of Busybox v1.38.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted input.

Scoring

Last modified2026-07-15
Sourced from NVD. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.