cbcvebase.
CVE-2026-57875
published 2026-06-26

CVE-2026-57875: An unauthenticated NULL pointer dereference vulnerability exists in the HTTP request parsing logic of multiple CGI components in GeoVision GV-LPC2011 and…

PriorityP349high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
1.27%
66.1th percentile
An unauthenticated NULL pointer dereference vulnerability exists in the HTTP request parsing logic of multiple CGI components in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by improper validation of required HTTP request metadata before it is used by the affected components. A remote attacker may exploit this vulnerability by sending a specially crafted HTTP request, causing the affected process to crash and resulting in a denial of service.

Affected

1 ranges
VendorProductVersion rangeFixed in
geovision_incgv-lpclpc2011_2211
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.