cbcvebase.
CVE-2026-57877
published 2026-06-26

CVE-2026-57877: An unauthenticated format string vulnerability exists in vlsvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by…

PriorityP350high8.6CVSS 3.1
AVNACLPRNUINSUCLILAH
EPSS
0.25%
15.9th percentile
An unauthenticated format string vulnerability exists in vlsvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by improper handling of externally controlled input during log message formatting in the login processing path. A remote attacker may exploit this vulnerability by sending crafted login data, potentially causing information disclosure, memory corruption, or a denial of service.

Affected

1 ranges
VendorProductVersion rangeFixed in
geovision_incgv-lpclpc2011_2211
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.