A vulnerability marked as problematic has been reported in llvm llvm-project up to 22.1.6 . This impacts the function GCRelocateInst::getBasePtr in the library llvm/lib/IR/IntrinsicInst.cpp of the component Bitcode File Handler . This manipulation causes heap-based buffer overflow. This vulnerability is handled as CVE-2026-13574 . It is possible to launch the attack on the local host. Additionally, an exploit exists. The project was informed of the problem early through an issue report but has n