Every CVE whose affected-product data names Elm-chan Fatfs, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2026-6682 — CVSS 7.6 (high): In FatFS R0.16 and earlier contains a FAT32 integer overflow bug in mount_volume() where fasize *= fs->n_fats can wrap, leading to…
CVE-2026-6688 — CVSS 7.6 (high): FatFs R0.16 and earlier contains a downstream-caller vulnerability pattern associated with FatFs long filename handling. With LFN enabled…
CVE-2026-6687 — CVSS 7.6 (high): FatFs R0.16 and earlier contains a stack overflow bug in f_getlabel() because exFAT label length (XDIR_NumLabel) is trusted without…
CVE-2026-6685 — CVSS 6.1 (medium): FatFs R0.16 and earlier exhibits a stale dirty-cache skip via unsigned-subtraction wrap in f_read() / f_write() (fp->sect - sect < cc)…
CVE-2026-6686 — CVSS 4.6 (medium): FatFs R0.16 and earlier contains an uninitialized cluster exposure when f_lseek() extends files beyond EOF without zero-filling newly…
CVE-2026-6684 — CVSS 4.6 (medium): FatFs prior to R0.16 that use GPT scanning with 'FF_LBA64 = 1' contains an issue where an unbounded loop count derived from GPT header…
CVE-2026-6683 — CVSS 4.6 (medium): FatFs R0.16 and earlier contains a divide-by-zero in exFAT sync logic bug when crafted metadata causes n_fatent - 2 to be zero during…