CVE-2020-37040

HIGH SEVERITY

CVSS Score & Metrics

Base Score

8.4 / 10

Vector String

                                        CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H                                    

Vulnerability Description

Code Blocks 17.12 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by crafting a malicious file name with Unicode characters. Attackers can trigger the vulnerability by pasting a specially crafted payload into the file name field during project creation, potentially executing system commands like calc.exe.

Vulnerability Details

Published Date

January 30, 2026

Last Modified

February 03, 2026

CWE ID

CWE-120

Source

NVD

Vendor

Code::Blocks

Product

Code::Blocks

External References

http://www.codeblocks.org/
https://sourceforge.net/projects/codeblocks
https://www.exploit-db.com/exploits/48594
https://www.vulncheck.com/advisories/code-blocks-file-name-local-buffer-overflow

CVE-2020-37040

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment