CVE-2026-13573

LOW NVD

CVSS Score 3.3

Severity LOW

Published Jun 29, 2026

Vendor unknown

Description

A vulnerability was found in llvm llvm-project up to 22.1.6. This affects the function llvm::StringMap::insert in the library /lib/IR/ValueSymbolTable.cpp of the component ValueSymbolTable Module. The manipulation results in stack-based buffer overflow. Attacking locally is a requirement. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.

References

https://github.com/llvm/llvm-project/
https://github.com/llvm/llvm-project/issues/199187
https://github.com/user-attachments/files/28141697/poc.zip
https://vuldb.com/cve/CVE-2026-13573
https://vuldb.com/submit/844457