{"id":"CVE-2026-39199","details":"snes9x 1.63 allows an out-of-bounds write and denial of service via a crafted .ups file.","modified":"2026-07-08T08:13:31.528694383Z","published":"2026-06-17T00:00:00Z","database_specific":{"cwe_ids":["CWE-787"],"cna_assigner":"mitre","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/39xxx/CVE-2026-39199.json"},"references":[{"type":"WEB","url":"https://karansaini.com/snes9x-oob-write/"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/39xxx/CVE-2026-39199.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-39199"},{"type":"REPORT","url":"https://github.com/snes9xgit/snes9x/issues/1035"},{"type":"FIX","url":"https://github.com/snes9xgit/snes9x/commit/96b366100172723f6314c40e237b370f4f7b59f4"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/snes9xgit/snes9x","events":[{"introduced":"921f9f7b83660eb44ad263022a57a4a029057c37"},{"fixed":"96b366100172723f6314c40e237b370f4f7b59f4"}],"database_specific":{"extracted_events":[{"introduced":"1.63"},{"last_affected":"1.63"}],"source":["AFFECTED_FIELD","REFERENCES"]}}],"versions":["1.63"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-39199.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}]}