CVE-2026-35176 - Vulnerability Details - OpenCVE

openFPGALoader is a utility for programming FPGAs. In 1.1.1 and earlier, a heap-buffer-overflow read vulnerability exists in POFParser::parseSection() that allows out-of-bounds heap memory access when parsing a crafted .pof file. No FPGA hardware is required to trigger this vulnerability.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Trabucayre	Openfpgaloader

No data.

No data.

References

Link	Providers
https://github.com/trabucayre/openFPGALoader/security/advisories/GHSA-9x7m-m8gv-px2j

History

Tue, 07 Apr 2026 18:00:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 07 Apr 2026 09:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Trabucayre Trabucayre openfpgaloader
Vendors & Products		Trabucayre Trabucayre openfpgaloader

Mon, 06 Apr 2026 20:00:00 +0000

Type	Values Removed	Values Added
Description		openFPGALoader is a utility for programming FPGAs. In 1.1.1 and earlier, a heap-buffer-overflow read vulnerability exists in POFParser::parseSection() that allows out-of-bounds heap memory access when parsing a crafted .pof file. No FPGA hardware is required to trigger this vulnerability.
Title		openFPGALoader has a heap buffer overflow in POFParser::parseSection() via crafted .pof file
Weaknesses		CWE-125
References		https://github.com/trabucayre/openFPGALoader/security/advisories/GHSA-9x7m-m8gv-px2j
Metrics		cvssV3_1 `{'score': 7.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2026-04-06T18:59:58.733Z

Updated: 2026-04-07T15:10:26.593Z

Reserved: 2026-04-01T17:26:21.133Z

Link: CVE-2026-35176

Vulnrichment

Updated: 2026-04-07T15:06:41.933Z

NVD

Status : Undergoing Analysis

Published: 2026-04-06T20:16:25.773

Modified: 2026-04-07T16:16:25.267

Link: CVE-2026-35176

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-35176", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-04-01T17:26:21.133Z", "datePublished": "2026-04-06T18:59:58.733Z", "dateUpdated": "2026-04-07T15:10:26.593Z"}, "containers": {"cna": {"title": "openFPGALoader has a heap buffer overflow in POFParser::parseSection() via crafted .pof file", "problemTypes": [{"descriptions": [{"cweId": "CWE-125", "lang": "en", "description": "CWE-125: Out-of-bounds Read", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/trabucayre/openFPGALoader/security/advisories/GHSA-9x7m-m8gv-px2j", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/trabucayre/openFPGALoader/security/advisories/GHSA-9x7m-m8gv-px2j"}], "affected": [{"vendor": "trabucayre", "product": "openFPGALoader", "versions": [{"version": "<= 1.1.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-06T18:59:58.733Z"}, "descriptions": [{"lang": "en", "value": "openFPGALoader is a utility for programming FPGAs. In 1.1.1 and earlier, a heap-buffer-overflow read vulnerability exists in POFParser::parseSection() that allows out-of-bounds heap memory access when parsing a crafted .pof file. No FPGA hardware is required to trigger this vulnerability."}], "source": {"advisory": "GHSA-9x7m-m8gv-px2j", "discovery": "UNKNOWN"}}, "adp": [{"references": [{"url": "https://github.com/trabucayre/openFPGALoader/security/advisories/GHSA-9x7m-m8gv-px2j", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-07T15:06:31.361548Z", "id": "CVE-2026-35176", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-07T15:10:26.593Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "openFPGALoader has a heap buffer overflow in POFParser::parseSection() via crafted .pof file", "source": {"advisory": "GHSA-9x7m-m8gv-px2j", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "trabucayre", "product": "openFPGALoader", "versions": [{"status": "affected", "version": "<= 1.1.1"}]}], "references": [{"url": "https://github.com/trabucayre/openFPGALoader/security/advisories/GHSA-9x7m-m8gv-px2j", "name": "https://github.com/trabucayre/openFPGALoader/security/advisories/GHSA-9x7m-m8gv-px2j", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "openFPGALoader is a utility for programming FPGAs. In 1.1.1 and earlier, a heap-buffer-overflow read vulnerability exists in POFParser::parseSection() that allows out-of-bounds heap memory access when parsing a crafted .pof file. No FPGA hardware is required to trigger this vulnerability."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-06T18:59:58.733Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-35176", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-07T15:06:31.361548Z"}}}], "references": [{"url": "https://github.com/trabucayre/openFPGALoader/security/advisories/GHSA-9x7m-m8gv-px2j", "tags": ["exploit"]}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2026-04-07T15:06:41.933Z"}}]}, "cveMetadata": {"cveId": "CVE-2026-35176", "state": "PUBLISHED", "dateUpdated": "2026-04-06T18:59:58.733Z", "dateReserved": "2026-04-01T17:26:21.133Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-06T18:59:58.733Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}