CVE-2026-32837

🗓️ 17 Mar 2026 19:10:06Reported by VulnCheckType

CVE-2026-32837: Miniaudio versions before 0.11.25 have a heap out-of-bounds read in the WAV BEXT coding history parser, causing crashes.

Reporter	Title	Published	Views	Family All 15
ATTACKERKB	CVE-2026-32837	17 Mar 202619:10	–	attackerkb
Circl	CVE-2026-32837	17 Mar 202619:16	–	circl
CNNVD	miniaudio 安全漏洞	17 Mar 202600:00	–	cnnvd
Cvelist	CVE-2026-32837 mackron / miniaudio Out-of-Bounds Read in BEXT Coding History Parsing	17 Mar 202619:10	–	cvelist
Debian CVE	CVE-2026-32837	17 Mar 202619:10	–	debiancve
EUVD	EUVD-2026-12633	17 Mar 202621:31	–	euvd
NVD	CVE-2026-32837	17 Mar 202620:16	–	nvd
OSV	DEBIAN-CVE-2026-32837	17 Mar 202620:16	–	osv
OSV	UBUNTU-CVE-2026-32837	17 Mar 202620:16	–	osv
RedhatCVE	CVE-2026-32837	18 Mar 202603:23	–	redhatcve

NVD

Vulners

Node

mackron miniaudioRange≤0.11.25

[
  {
    "vendor": "mackron",
    "product": "miniaudio",
    "repo": "https://github.com/mackron/miniaudio",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThanOrEqual": "0.11.25",
        "versionType": "semver"
      },
      {
        "status": "unaffected",
        "version": "1df46ae9a0eed5aa9f58b179d2cc4af5d23f8bde",
        "versionType": "git"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
github	www.github.com/mackron/miniaudio/commit/1df46ae9a0eed5aa9f58b179d2cc4af5d23f8bde
github	www.github.com/mackron/dr_libs/commit/04e40d66a7ba1632f93ec1328d4b42ad986e3ee0
vulncheck	www.vulncheck.com/advisories/mackron-miniaudio-out-of-bounds-read-in-bext-coding-history-parsing
github	www.github.com/mackron/miniaudio/issues/1101

27 Apr 2026 16:16Current

5.2Medium risk

Vulners AI Score5.2

CVSS 3.14 - 5.5

CVSS 45.1

EPSS0.00006

SSVC

CWE-170