What is CVE-2026-33250?

CVE-2026-33250 is a high-severity vulnerability in Longturn Freeciv21, classified under Improper Input Validation. CVSS score: 7.5/10. Published 2026-03-23.

How severe is CVE-2026-33250?

High severity. CVSS v3 base score is 7.5 out of 10.

Buffer overflow in Longturn Freeciv21

CVE-2026-33250

Freeciv21 is a free open source, turn-based, empire-building strategy game. Versions prior to 3.1.1 crash with a stack overflow when receiving specially-crafted packets. A remote attacker can use this to take down any public server. A mali…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.001 (25.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Longturn Freeciv21 — versions < 3.1.1

Weakness classification (CWE)

References

https://github.com/longturn/freeciv21/security/advisories/GHSA-f76g-6w3f-f6r3 (x_refsource_CONFIRM)
https://github.com/longturn/freeciv21/commit/ad8e18ca22595529599782b2984bf44df8d69ed6 (x_refsource_MISC)
https://github.com/longturn/freeciv21/releases/tag/v3.1.1 (x_refsource_MISC)
https://redmine.freeciv.org/issues/1955 (x_refsource_MISC)

Frequently asked questions

What is CVE-2026-33250?: CVE-2026-33250 is a high-severity vulnerability in Longturn Freeciv21, classified under Improper Input Validation. CVSS score: 7.5/10. Published 2026-03-23.
How severe is CVE-2026-33250?: High severity. CVSS v3 base score is 7.5 out of 10.