CVE Catalog

CVE-2026-0143

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.07%

0th percentile - higher than 0% of all known CVEs

Summary

In the lwis_device_external_event_emit function in lwis_event.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed.

Risk Assessment

The organization may be exposed to local privilege escalation, which could lead to unauthorized access to the system.

Recommendation

It is recommended to update the software to mitigate this vulnerability and to monitor systems for unauthorized activities.

Original NVD description (English source)

In lwis_device_external_event_emit of lwis_event.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS