An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2.

🗓️ 04 Mar 2026 09:09:54Reported by MicrosoftType

Integer overflow in FreeType may cause out-of-bounds read during OpenType HVAR/MVAR; fixed 2.14.2.

Reporter	Title	Published	Views	Family All 272
IBM Security Bulletins	Security Bulletin: Java Updates for the April 2026 Vulnerability Advisory	24 Jun 202617:40	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition.	22 Jun 202616:22	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in IBM Semeru Runtime Quarterly CPU - Apr 2026	27 May 202614:02	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Sterling Connect:Direct Web Services is Affected by Multiple Vulnerabilities.	15 Jun 202619:16	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to IBM Semeru Runtime	22 May 202609:14	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM Data Product Hub	23 Jun 202606:53	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ Appliance appliance is affected by multiple Java vulnerabilities	25 Jun 202617:53	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Sterling Connect:Direct File Agent is vulnerable to multiple issues	15 Jun 202616:09	–	ibm
IBM Security Bulletins	Security Bulletin: Content Manager Enterprise Edition for June 2026 - Multiple CVEs	12 May 202611:02	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Sterling Connect:Direct for Microsoft Windows	25 Jun 202615:55	–	ibm