CVE-2026-32836

🗓️ 17 Mar 2026 19:10:19Reported by VulnCheckType

Excessive memory allocation in dr_libs metadata parsing via PICTURE blocks causes memory exhaustion.

Reporter	Title	Published	Views	Family All 17
ATTACKERKB	CVE-2026-32836	17 Mar 202619:10	–	attackerkb
Circl	CVE-2026-32836	17 Mar 202619:16	–	circl
CNNVD	dr_libs 安全漏洞	17 Mar 202600:00	–	cnnvd
Cvelist	CVE-2026-32836 mackron / dr_libs dr_flac.h Excessive Memory Allocation in PICTURE Metadata Parsing	17 Mar 202619:10	–	cvelist
Debian CVE	CVE-2026-32836	17 Mar 202619:10	–	debiancve
EUVD	EUVD-2026-12631	17 Mar 202621:31	–	euvd
NVD	CVE-2026-32836	17 Mar 202620:16	–	nvd
OSV	DEBIAN-CVE-2026-32836	17 Mar 202620:16	–	osv
OSV	UBUNTU-CVE-2026-32836	17 Mar 202620:16	–	osv
RedhatCVE	CVE-2026-32836	18 Mar 202603:23	–	redhatcve

NVD

Vulners

Node

mackron dr_libsRange≤0.13.3

[
  {
    "vendor": "mackron",
    "product": "dr_libs dr_flac.h",
    "repo": "https://github.com/mackron/dr_libs/blob/master/dr_flac.h",
    "modules": [
      "dr_flac.h"
    ],
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThanOrEqual": "0.13.3",
        "versionType": "semver"
      },
      {
        "status": "unaffected",
        "version": "fefced4a64adfb1a68a2d31d882366e56096dee8",
        "versionType": "git"
      },
      {
        "status": "unaffected",
        "version": "4f5a4cd3b57564d969443c580c75857e039f100a",
        "versionType": "git"
      },
      {
        "status": "unaffected",
        "version": "663239a3d0460c33bd5b6e5166edcb404e3df676",
        "versionType": "git"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
github	www.github.com/mackron/dr_libs/issues/298
github	www.github.com/mackron/dr_libs/commit/4f5a4cd3b57564d969443c580c75857e039f100a
github	www.github.com/mackron/dr_libs/commit/663239a3d0460c33bd5b6e5166edcb404e3df676
github	www.github.com/mackron/dr_libs/commit/fefced4a64adfb1a68a2d31d882366e56096dee8
vulncheck	www.vulncheck.com/advisories/mackron-dr-libs-excessive-memory-allocation-in-picture-metadata-parsing

17 Jun 2026 10:36Current

5.2Medium risk

Vulners AI Score5.2

CVSS 3.15.5 - 6.2

CVSS 46.9

EPSS0.00183

SSVC

CWE-789