A vulnerability identified as critical has been detected in Uncrustify . The impacted element is the function check_template function/tokenize_cleanup of the file check_template.cpp . Performing a manipulation results in buffer overflow. This vulnerability is identified as CVE-2026-36189 . The attack is only possible with local access. There is not any exploit available. It is recommended to apply a patch to fix this issue.