CVE-2021-40391

EPSS 0.47% · P65 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-40391

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

An out-of-bounds write vulnerability exists in the drill format T-code tool number functionality of Gerbv 2.7.0, dev (commit b5f1eacd), and the forked version of Gerbv (commit 71493260). A specially-crafted drill file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

未有动作错误条件的检测

Source: NVD (National Vulnerability Database)

Vulnerability Title

Gerbv 缓冲区错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Gerbv是一个 Gerber 文件（仅限 Rs-274X）查看器。用于查看 Rs-274X Gerber 文件、Excellon 钻孔文件和 Pick-N-Place 文件。 Gerbv 存在安全漏洞，该漏洞源于drill 格式 T-code 工具编号函数中存在越界写入漏洞，一个专门制作的drill文件可以导致代码的执行。攻击者可利用该漏洞可以提供恶意文件来触发此漏洞。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	Gerbv	Gerbv 2.7.0 , Gerbv dev (commit b5f1eacd) ,Gerbv forked dev (commit 71493260)	-

II. Public POCs for CVE-2021-40391

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-40391

请登录查看更多情报信息。

https://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1402x_refsource_MISC
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TUM5GIUZJ7AVHVCXDZW6ZVCAPV2ISN47/vendor-advisoryx_refsource_FEDORA
https://nvd.nist.gov/vuln/detail/CVE-2021-40391

Same Patch Batch · n/a · 2021-11-19 · 35 CVEs total

CVE-2021-23433	5.9 MEDIUM	Prototype Pollution
CVE-2021-37592		Suricata 缓冲区错误漏洞
CVE-2021-29323		Moddable SDK 缓冲区错误漏洞
CVE-2021-29324		Moddable SDK 缓冲区错误漏洞
CVE-2021-22028		Greenplum Database 路径遍历漏洞
CVE-2021-3962		ImageMagick 资源管理错误漏洞
CVE-2021-22030		Greenplum Database 日志信息泄露漏洞
CVE-2021-22053		VMware Spring Cloud Netflix 代码注入漏洞
CVE-2021-33850		WordPress 跨站脚本漏洞
CVE-2021-29325		Moddable SDK 缓冲区错误漏洞
CVE-2021-41435		ASUS routers 安全漏洞
CVE-2021-41436		ASUS routers 环境问题漏洞
CVE-2021-44033		Ionic Identity Vault 安全漏洞
CVE-2021-44025		Roundcube Webmail 跨站脚本漏洞
CVE-2021-44026		Roundcube Webmail SQL注入漏洞
CVE-2021-21898		LibreCAD 缓冲区错误漏洞
CVE-2021-21899		LibreCAD 缓冲区错误漏洞
CVE-2021-21900		LibreCAD 资源管理错误漏洞
CVE-2021-29326		Moddable SDK 缓冲区错误漏洞
CVE-2021-29327		Moddable SDK 缓冲区错误漏洞

Showing top 20 of 35 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Gerbv

Same vendor: n/a

Same weakness: CWE-390

V. Comments for CVE-2021-40391

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-40391

I. Basic Information for CVE-2021-40391

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-40391

III. Intelligence Information for CVE-2021-40391

Same Patch Batch · n/a · 2021-11-19 · 35 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-40391

Leave a comment