Cyber Resilience

CVE-2021-47972

HighPublic PoC

Published: 16 May 2026

Published
16 May 2026
Modified
18 May 2026
KEV Added
Patch
CVSS Score v4 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0028 20.2th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2021-47972 is a high-severity Memory Allocation with Excessive Size Value (CWE-789) vulnerability. Its CVSS base score is 8.7 (High).

Operationally, ranked at the 20.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

EU & UK References

Vulnerability details

Sticky Notes & Color Widgets 1.4.2 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can paste large payloads of repeated characters into note fields to trigger…

more

application crashes and make the application stop responding.

CWE(s)

Related Threats

CVEs Like This One

CVE-2026-24030Shared CWE-789
CVE-2026-35186Shared CWE-789
CVE-2026-28253Shared CWE-789
CVE-2026-39312Shared CWE-789
CVE-2021-47944Shared CWE-789
CVE-2021-47973Shared CWE-789
CVE-2025-30211Shared CWE-789
CVE-2018-25368Shared CWE-789
CVE-2024-52791Shared CWE-789
CVE-2026-8485Shared CWE-789

Affected Assets

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References