{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2026-29976", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-03-26T15:29:41.020Z", "dateReserved": "2026-03-04T00:00:00.000Z", "datePublished": "2026-03-26T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-26T14:40:39.938Z"}, "descriptions": [{"lang": "en", "value": "Buffer Overflow vulnerability in ZerBea hcxpcapngtool v. 7.0.1-43-g2ee308e allows a local attacker to obtain sensitive information via the getradiotapfield() function"}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/ZerBea/hcxtools/issues/365"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-120", "lang": "en", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-26T15:29:38.159106Z", "id": "CVE-2026-29976", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T15:29:41.020Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2026-29976", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-03-26T15:29:41.020Z", "dateReserved": "2026-03-04T00:00:00.000Z", "datePublished": "2026-03-26T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-26T14:40:39.938Z"}, "descriptions": [{"lang": "en", "value": "Buffer Overflow vulnerability in ZerBea hcxpcapngtool v. 7.0.1-43-g2ee308e allows a local attacker to obtain sensitive information via the getradiotapfield() function"}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/ZerBea/hcxtools/issues/365"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-29976", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-26T15:29:38.159106Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T15:29:35.787Z"}}]}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer Overflow vulnerability in ZerBea hcxpcapngtool v. 7.0.1-43-g2ee308e allows a local attacker to obtain sensitive information via the getradiotapfield() function"}], "id": "CVE-2026-29976", "lastModified": "2026-03-26T16:16:09.027", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-26T15:16:36.137", "references": [{"source": "cve@mitre.org", "url": "https://github.com/ZerBea/hcxtools/issues/365"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "hcxpcapngtool: hcxtools: ZerBea hcxpcapngtool: Information disclosure via buffer overflow in getradiotapfield() function", "id": "2451745", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451745"}, "csaw": false, "cvss3": {"cvss3_base_score": "2.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N", "status": "draft"}, "cwe": "CWE-120", "details": ["A flaw was found in ZerBea hcxpcapngtool. A local attacker can exploit a buffer overflow vulnerability within the `getradiotapfield()` function. This can lead to the disclosure of sensitive information."], "name": "CVE-2026-29976", "public_date": "2026-03-26T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-29976\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-29976\nhttps://github.com/ZerBea/hcxtools/issues/365"], "statement": "This Low impact vulnerability affects Red Hat Community Projects, specifically the `hcxtools` component. A local attacker can exploit a buffer overflow in the `getradiotapfield()` function, potentially leading to the disclosure of sensitive information.", "threat_severity": "Low"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "7.0.1-43-g2ee308e"}}], "enrichment": {"confidence": 85.0, "confidence_source": "inferred", "scores": [{"score": 85.0, "source": "inferred"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "hcxpcapngtool", "vendor": "zerbea"}], "analysis": {"en": {"generated_at": "2026-03-26T18:05:32.201920+00:00", "value": {"mitigation_remediation": ["Upgrade to a patched release of ZerBea hcxpcapngtool that removes the buffer overflow.", "Limit execution of the tool to privileged users only and enforce least\u2011privilege practices.", "Enable logging and monitor usage of the tool for suspicious activity.", "If an update cannot be applied, consider disabling or removing the vulnerable binary from the system.", "Consult ZerBea\u2019s release notes or support channels for guidance on additional mitigations."], "summary": {"action": "Apply Patch", "impact": "Local Sensitive Data Disclosure via Buffer Overflow"}, "threat_synthesis": {"affected_systems": "The affected system is any machine running ZerBea hcxpcapngtool at the exact version 7.0.1-43-g2ee308e. No other versions or product variants are listed as impacted, so systems upgraded beyond this release or using a different tool are not affected.", "description_and_impact": "A buffer overflow flaw exists in the getradiotapfield() function of ZerBea hcxpcapngtool version 7.0.1-43-g2ee308e. The overflow can be triggered when the tool processes malformed radiotap headers, allowing a local attacker to read memory beyond its intended bounds. This read can expose sensitive network traffic details or credentials stored in the tool\u2019s memory, compromising confidentiality for the system on which the tool runs.", "risk_and_exploitability": "With a CVSS score of 6.2 the vulnerability is classified as medium severity. The EPSS score is unavailable and it is not listed in the CISA KEV catalog, indicating limited evidence of exploitation in the wild. The attack requires local access and the ability to execute the tool; there is no documented remote vector. The potential impact is a breach of confidentiality for the data processed by the tool, which could include captured packets or associated user credentials."}}}}, "created": "2026-03-27T08:36:28.414675+00:00", "title": "Local Buffer Overflow in ZerBea hcxpcapngtool Allows Sensitive Information Disclosure", "updated": "2026-03-27T09:29:08.906326+00:00", "vendors": ["zerbea", "zerbea$PRODUCT$hcxpcapngtool"]}