CVE-2002-2026
Published 2002-12-31
CVE-2002-2026: Buffer overflow in BrowseFTP 1.62 client allows remote FTP servers to execute arbitrary code via a long FTP "220" message reply.
Priority P429 · high · 7.5 · CVSS 2.0
AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 4.15% (89.6th percentile)
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| browseftp | browseftp_client | — | — |
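CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| ghsa | — | 6.3 | MEDIUM | — |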
GHSA
ImageMagick: Possible memory leak in ASHLAR encoder
ghsa·2026-02-24
CVE-2026-25637 [MEDIUM] CWE-401 ImageMagick: Possible memory leak in ASHLAR encoder
A memory leak in the ASHLAR image writer allows an attacker to exhaust process memory by providing a crafted image that results in small objects that are allocated but never freed.
```
==880062== Memcheck, a memory error detector
==880062== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==880062== Using Valgrind-3.18.1 and LibVEX; rerun with -h for copyright info
==880062==
==880062==
==880062== HEAP SUMMARY:
==880062== in use at exit: 386,826 bytes in 696 blocks
==880062== total heap usage: 30,523 allocs, 29,827 frees, 21,803,756 bytes allocated
==880062==
==880062== LEAK SUMMARY:
==880062== definitely lost: 3,408 bytes in 3 blocks
==880062== indirectly lost: 88,885 bytes in 30 blocks
==880062== possibly lost: 140,944
```
GHSA
GHSA-h35x-g9m3-w82q: Buffer overflow in BrowseFTP 1
ghsa_unreviewed·2022-04-30
CVE-2002-2026 [HIGH] GHSA-h35x-g9m3-w82q: Buffer overflow in BrowseFTP 1
Buffer overflow in BrowseFTP 1.62 client allows remote FTP servers to execute arbitrary code via a long FTP "220" message reply.
Citrix
Citrix Security Bulletin CTX115245
vendor_citrix·CVSS 4.3
CVE-2002-2426 [MEDIUM] Citrix Security Bulletin CTX115245
CVE References: CVE-2002-2426, CVE-2025-12101, CVE-2025-62626, CVE-2026-23554, CVE-2026-3055, CVE-2026-4368, CVE-2026-4397
Affected Products: Citrix ADM, Citrix Hypervisor, Citrix Virtual Apps and Desktops, Endpoint Management, NetScaler ADC, NetScaler Gateway, XenServer
No detection rules found.
No writeups or analysis indexed.
Published: 2002-12-31