high advisory

Zen C Compiler Stack-Based Buffer Overflow (CVE-2026-33491)

A stack-based buffer overflow vulnerability in Zen C compiler versions before 0.4.4 allows attackers to crash the compiler or potentially execute arbitrary code via a crafted `.zc` source file with overly long identifiers.

Zen C is a systems programming language that compiles to human-readable GNU C/C11. Prior to version 0.4.4, a stack-based buffer overflow vulnerability (CVE-2026-33491) exists within the Zen C compiler. This flaw allows a malicious actor to craft a Zen C source file (.zc) containing excessively long struct, function, or trait identifiers. Successful exploitation of this vulnerability can lead to a compiler crash, causing disruption to development workflows, or potentially allow the attacker to…
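A pre-compile triage check for the condition described above, as an added example (not code from the advisory or from the Zen C project): it reports the longest identifier-like token in a `.zc` source so that untrusted files can be held back from a compiler older than 0.4.4. The C-like identifier grammar, the `ZC_MAX_IDENT` threshold and the function names are assumptions; the advisory does not state the size of the affected buffer.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed threshold: the advisory does not give the compiler's buffer size. */
#define ZC_MAX_IDENT 256

/* Assumption: Zen C identifiers are C-like, [A-Za-z_][A-Za-z0-9_]*. */
static int ident_start(unsigned char c) { return isalpha(c) || c == '_'; }
static int ident_part(unsigned char c)  { return isalnum(c) || c == '_'; }

/* Length of the longest identifier-like token in src[0..len); *line_out
 * (if non-NULL) gets its 1-based line. Tokens in strings and comments are
 * counted too, so the check over-reports rather than misses. */
size_t zc_longest_ident(const char *src, size_t len, size_t *line_out)
{
    size_t best = 0, best_line = 0, line = 1, i = 0;
    while (i < len) {
        unsigned char c = (unsigned char)src[i];
        if (c == '\n') line++;
        if (!ident_part(c)) { i++; continue; }
        size_t start = i;
        while (i < len && ident_part((unsigned char)src[i])) i++;
        /* A run starting with a digit is a numeric literal: skip it. */
        if (ident_start((unsigned char)src[start]) && i - start > best) {
            best = i - start;
            best_line = line;
        }
    }
    if (line_out) *line_out = best_line;
    return best;
}

/* 1 if the file should be held back from a pre-0.4.4 compiler for review. */
int zc_flag_source(const char *src, size_t len)
{
    return zc_longest_ident(src, len, NULL) > ZC_MAX_IDENT;
}

int main(void)
{
    /* Constructed sample input, not taken from the advisory. */
    const char *s = "struct Point {\n  x: int;\n}\nfn main() {}\n";
    size_t line = 0, n = zc_longest_ident(s, strlen(s), &line);
    printf("longest identifier: %zu chars (line %zu), flag=%d\n",
           n, line, zc_flag_source(s, strlen(s)));
    return 0;
}
```

A check like this is a stopgap for build hosts that cannot yet move to 0.4.4; upgrading the compiler is the fix the advisory points to.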

Detection coverage 2

Detect Suspicious Zen C Compilation

medium

Detects the execution of the Zen C compiler with potentially malicious .zc files as arguments.

sigma; tactics: execution; techniques: T1059.004; sources: process_creation, linux

Detect Zen C Compiler Crash

high

Detects Zen C compiler crashes by looking for specific error messages or abnormal process termination events.

sigma; tactics: availability; techniques: T1499.004; sources: process_creation, linux

Detection queries are kept inside the platform.