When using an incomplete variable argument, Irssi may access data beyond the end of the string. The exploitation of the issue requires user to install malicious or broken files or enter affected commands.
External References: https://irssi.org/security/irssi_sa_2018_01.txt
Created irssi tracking bugs for this issue: Affects: fedora-all [bug 1532625]