CVE-2026-22188
MEDIUMPanda3D <= 1.10.16 - Denial of Service via Unbounded Stack Allocation in deploy-stub
Title source: llmDescription
The deploy-stub component in Panda3D versions up to and including 1.10.16 contains a denial of service vulnerability due to unbounded stack allocation. The deploy-stub executable allocates argv_copy and argv_copy2 using alloca() based directly on the attacker-controlled argc value without validation. Supplying a large number of command-line arguments can exhaust stack space and propagate uninitialized stack memory into Python interpreter initialization, resulting in a reliable crash and undefined behavior.
References (4)
Core 4
Core References
Exploit, Mailing List, Third Party Advisory technical-description
exploit
https://seclists.org/fulldisclosure/2026/Jan/9
Product product
https://www.panda3d.org/
Product product
https://github.com/panda3d/panda3d
Third Party Advisory third-party-advisory
https://www.vulncheck.com/advisories/panda3d-deploy-stub-stack-exhaustion-via-unbounded-alloca
Scores
CVSS v3
5.5
EPSS
0.0017
EPSS Percentile
7.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-457
CWE-789
CWE-908
Status
published
Products (2)
cmu/panda3d
< 1.10.16
Panda3D/Panda3D
< 1.10.16
Published
Jan 07, 2026
Tracked Since
Feb 18, 2026