What is CVE-2016-20047?

CVE-2016-20047 is a high-severity vulnerability in Ekg Gadu, classified under Out-of-bounds Write. CVSS score: 8.4/10. Published 2026-03-28.

How severe is CVE-2016-20047?

High severity. CVSS v3 base score is 8.4 out of 10.

Buffer overflow in Ekg Gadu

CVE-2016-20047

EKG Gadu 1.9~pre+r2855-3+b1 contains a local buffer overflow vulnerability in the username handling that allows local attackers to execute arbitrary code by supplying an oversized username string. Attackers can trigger the overflow in the…

Vulnerability class: Buffer Overflow

EPSS: 0.000 (5.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.4 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Ekg Gadu — versions 1:1.9~pre+r2855-3+b1

Weakness classification (CWE)

CWE-787 — Out-of-bounds Write

References

ExploitDB-40392 (exploit)
Official Product Homepage (product)
VulnCheck Advisory: EKG Gadu 1.9 Local Buffer Overflow via Username Parameter (third-party-advisory)

Frequently asked questions

What is CVE-2016-20047?: CVE-2016-20047 is a high-severity vulnerability in Ekg Gadu, classified under Out-of-bounds Write. CVSS score: 8.4/10. Published 2026-03-28.
How severe is CVE-2016-20047?: High severity. CVSS v3 base score is 8.4 out of 10.