OTFCC is a C library and utility open sourced by Caryll. It is used to parse and write OpenType font files.OTFCC suffers from a heap buffer overflow vulnerability that stems from a boundary error in /release-x64/otfccdump 0x61731f when handling untrusted input. An attacker could exploit the vulnerability to cause a program crash.