← All reports

NovumOS versions prior to 0.24 have critical vulnerabilities that allow user-mode processes to execute arbitrary code and map arbitrary memory ranges.

CybersecurityApr 18, 2026score 0.172 posts · 0 replies across 1 instances
The thread discusses two critical vulnerabilities in NovumOS, a custom 32-bit operating system, affecting versions prior to 0.24. These vulnerabilities allow user-mode processes to execute arbitrary code and map arbitrary memory ranges, posing significant security risks.

Claims

NovumOS versions prior to 0.24 have critical vulnerabilities that allow user-mode processes to execute arbitrary code and map arbitrary memory ranges.
Parent: Operating SystemsEntity: NovumOSImpact: negativeDate: Apr 18, 2026Target: Security of NovumOS versions prior to 0.24

Source posts

@[email protected]
🔴 CVE-2026-40572 - Critical (9) NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 15 (MemoryMapRange) allows Ring 3 user-mode processes to map arbitrary virtual address ranges into their address space without validati... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40572/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
0 boosts · 0 favs · 0 replies · Apr 18, 2026
#tenda#cve#vulnerability#infosec#cybersecurity#security
@[email protected]
🔴 CVE-2026-40317 - Critical (9.3) NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 12 (JumpToUser) accepts an arbitrary entry point address from user-space registers without validation, allowing any Ring 3 user-mode pr... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40317/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
1 boosts · 0 favs · 0 replies · Apr 18, 2026
#cve#vulnerability#infosec#cybersecurity#security#tenda