{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-4833", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-03-25T14:19:41.105Z", "datePublished": "2026-03-26T01:02:39.046Z", "dateUpdated": "2026-03-26T01:02:39.046Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-26T01:02:39.046Z"}, "title": "Orc discount Markdown markdown.c compile recursion", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-674", "lang": "en", "description": "Uncontrolled Recursion"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-404", "lang": "en", "description": "Denial of Service"}]}], "affected": [{"vendor": "Orc", "product": "discount", "versions": [{"version": "3.0.1.0", "status": "affected"}, {"version": "3.0.1.1", "status": "affected"}, {"version": "3.0.1.2", "status": "affected"}], "modules": ["Markdown Handler"]}], "descriptions": [{"lang": "en", "value": "A weakness has been identified in Orc discount up to 3.0.1.2. This issue affects the function compile of the file markdown.c of the component Markdown Handler. This manipulation causes uncontrolled recursion. The attack is restricted to local execution. The exploit has been made available to the public and could be used for attacks. The project maintainer confirms: \"[I]f you feed it an infinitely deep blockquote input it will crash. (...) [T]his is a duplicate of an old bug that I've been working on.\""}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:C", "baseSeverity": "LOW"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:C", "baseSeverity": "LOW"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:C"}}], "timeline": [{"time": "2026-03-25T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-03-25T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-03-25T15:24:48.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "MTHG (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.353138", "name": "VDB-353138 | Orc discount Markdown markdown.c compile recursion", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.353138", "name": "VDB-353138 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.775841", "name": "Submit #775841 | Orc discount 3.0.1.2 Memory Corruption", "tags": ["third-party-advisory"]}, {"url": "https://github.com/Orc/discount/issues/305", "tags": ["issue-tracking"]}, {"url": "https://github.com/Orc/discount/issues/305#issuecomment-4027546673", "tags": ["issue-tracking"]}, {"url": "https://github.com/user-attachments/files/25847391/crash00.md", "tags": ["exploit"]}, {"url": "https://github.com/Orc/discount/", "tags": ["product"]}]}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A weakness has been identified in Orc discount up to 3.0.1.2. This issue affects the function compile of the file markdown.c of the component Markdown Handler. This manipulation causes uncontrolled recursion. The attack is restricted to local execution. The exploit has been made available to the public and could be used for attacks. The project maintainer confirms: \"[I]f you feed it an infinitely deep blockquote input it will crash. (...) [T]his is a duplicate of an old bug that I've been working on.\""}], "id": "CVE-2026-4833", "lastModified": "2026-03-26T02:16:08.323", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 1.7, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.1, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-03-26T02:16:08.323", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/Orc/discount/"}, {"source": "cna@vuldb.com", "url": "https://github.com/Orc/discount/issues/305"}, {"source": "cna@vuldb.com", "url": "https://github.com/Orc/discount/issues/305#issuecomment-4027546673"}, {"source": "cna@vuldb.com", "url": "https://github.com/user-attachments/files/25847391/crash00.md"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.353138"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.353138"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.775841"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-404"}, {"lang": "en", "value": "CWE-674"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.0.1.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.0.1.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.0.1.2"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "discount", "source": "cna", "vendor": "Orc"}, "product": "discount", "vendor": "orc"}], "analysis": {"en": {"generated_at": "2026-03-26T04:20:22.497218+00:00", "value": {"mitigation_remediation": ["Upgrade Orc discount to a version newer than 3.0.1.2 when available.", "If an upgrade is not immediately possible, limit the depth of nested blockquotes fed to the Markdown handler to prevent recursion exhaustion.", "Run the markdown processing component in a sandboxed or isolated environment to contain any crash.", "Regularly monitor the Orc discount project repository and issue tracker for patches or updates related to this bug."], "summary": {"action": "Apply Update", "impact": "Local Denial of Service"}, "threat_synthesis": {"affected_systems": "The affected product is Orc discount Markdown Handler, with all releases up to version 3.0.1.2 listed as vulnerable. No newer version is documented as fixed, so users of any version within that range are at risk.", "description_and_impact": "The vulnerability stems from uncontrolled recursion in the markdown.c compile function of Orc discount, triggered by feeding the parser an infinitely deep blockquote. This leads to a stack exhaustion and subsequent application crash. The weakness indicates inadequate input validation, allowing the denial\u2011of\u2011service effect to occur locally without exposing data or code execution capabilities.", "risk_and_exploitability": "The CVSS score of 4.8 reflects moderate severity, and the vulnerability is not listed in the CISA KEV catalog, implying limited public exploitation visibility. The attack requires local access to the system running Orc discount. Exploitation results in a crash, providing only a local denial\u2011of\u2011service condition without elevation of privileges or data compromise."}}}}, "created": "2026-03-26T11:30:51.220568+00:00", "updated": "2026-03-26T12:08:52.804096+00:00", "vendors": ["orc", "orc$PRODUCT$discount"]}