Description
A weakness has been identified in BYVoid OpenCC up to 1.1.9. This vulnerability affects the function opencc::MaxMatchSegmentation of the file src/MaxMatchSegmentation.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been made available to the public and could be used for attacks.
Recommendation
Update the opencc package to the latest compatible version. Followings are version details:
- Affected version(s): <= 1.1.9
- Patched version(s): 1.2.0
References
Related Issues
- Open Chinese Convert subject to Denial of Service via Out-of-bounds Read - CVE-2018-16982
- lobe-chat has an Open Redirect - CVE-2025-59426
- @octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking - CVE-2025-25285
- webcrack has an Arbitrary File Write Vulnerability on Windows when Parsing and Saving a Malicious Bundle - CVE-2024-43373
- Tags:
- npm
- opencc
Anything's wrong? Let us know Last updated on February 06, 2026