A vulnerability described as critical has been identified in Apache Kvrocks up to 2.15.0 . Affected is the function bit.tohex . Such manipulation leads to stack-based buffer overflow. This vulnerability is listed as CVE-2026-46752 . The attack must be carried out from within the local network. There is no available exploit. Upgrading the affected component is recommended.