Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Thu, 09 Jul 2026 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Vinchin Backup & Recovery through 9.0.0.86562 contains a heap buffer overflow vulnerability that allows unauthenticated remote attackers to cause process crash or memory corruption by sending a malformed TCP packet with an unchecked body_len field to the agentlink_server service. Attackers can craft a malicious packet that passes an attacker-controlled length directly to recv(), triggering a heap overflow of up to approximately 4 GiB and resulting in process crash or potential memory corruption. | |
| Title | Vinchin Backup & Recovery 9.0.0.86562 Heap Buffer Overflow via agentlink_server | |
| Weaknesses | CWE-787 | |
| References |
| |
| Metrics |
cvssV3_1
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: VulnCheck
Published:
Updated: 2026-07-09T13:25:32.439Z
Reserved: 2026-07-08T13:27:53.029Z
Link: CVE-2026-60094
No data.
No data.
No data.
OpenCVE Enrichment
No data.