{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2016-20038/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["cve-2016-20038","buffer-overflow","local-code-execution"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eyTree versions 1.94 to 1.1 are susceptible to a stack-based buffer overflow vulnerability (CVE-2016-20038). A local attacker can exploit this flaw by providing an overly long command-line argument to the application. The vulnerability allows the attacker to overwrite the stack memory, inject and execute arbitrary code within the context of the yTree application. This could lead to a full system compromise if the attacker gains sufficient privileges. This vulnerability has been publicly known…\u003c/p\u003e\n","date_modified":"2026-03-28T12:15:59Z","date_published":"2026-03-28T12:15:59Z","id":"/briefs/2026-03-ytree-buffer-overflow/","summary":"yTree version 1.94-1.1 is vulnerable to a stack-based buffer overflow, allowing local attackers to execute arbitrary code by supplying an excessively long argument to overwrite the stack with shellcode.","title":"yTree Stack-Based Buffer Overflow Vulnerability (CVE-2016-20038)","url":"https://feed.craftedsignal.io/briefs/2026-03-ytree-buffer-overflow/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2016-20038","version":"https://jsonfeed.org/version/1.1"}