CVE-2026-42199
medium
CVSS v3
6.2
CVSS v4 NEW
โ
VIR risk
6.2
Description
Grid: Integer Overflow in Grid::expand_rows Leads to Safe-API Undefined Behavior
Predictions
Exploit likelihood
62%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
References
- https://github.com/becheran/grid/commit/be213bd3528727148bef2d523c89e95d1fd9c072
- https://github.com/becheran/grid/releases/tag/v1.0.1
- https://github.com/becheran/grid/security/advisories/GHSA-38c5-483c-4qqp
- https://nvd.nist.gov/vuln/detail/CVE-2026-42199
- https://github.com/becheran/grid
- https://github.com/advisories/GHSA-38c5-483c-4qqp
CWEs
CWE-190
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.