CVE-2026-42996 POC (Proof-of-Concept)

JS8Call through 2.3.1 and JS8Call-improved before 3.0 have a stack-based buffer overflow via a radio transmission of @APRSIS GRID followed by a long Maidenhead locator. This occurs in grid2deg in APRSISClient.cpp.

Published: 2026-05-01

CVSS: 10.0

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:Y/R:U/V:D/RE:M/U:Green

Download CVE-2026-42996 POC (Proof-of-Concept) here:

http://zeroday6mns52t72y3rsle7f72wca5uwn2xzktdysf72flozx7sv4mqd.onion/exploit-for-cve-2026-42996.784/

Tip: Download official Tor Browser at https://www.torproject.org/download/ to access .onion links.

https://hokyo.gr/poc-689-cve-2026-4430/

https://hokyo.gr/poc-327-cve-2026-7812/

https://hokyo.gr/poc-688-cve-2026-44406/

https://hokyo.gr/poc-215-cve-2026-7723/

https://hokyo.gr/poc-58-cve-2026-31742/