OSV-2026-910 Heap-use-after-free in gf_node_unregister

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=523017646 Crash type: Heap-use-after-free READ 8 Crash state: gfnodeunregister BDDecSceneReplace BMSceneReplace...

OSV-2026-907 Heap-use-after-free in gf_sg_route_del

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=523017644 Crash type: Heap-use-after-free READ 8 Crash state: gfsgroutedel gfsgreset gfsgdel...

OSV-2026-892 Heap-buffer-overflow in decode_R13_RNUMBER

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=521044421 Crash type: Heap-buffer-overflow READ 8 Crash state: decodeR13RNUMBER dwgdecode llvmfuzz.c...

OSV-2026-889 Use-of-uninitialized-value in vp8_compute_skin_block

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=520701729 Crash type: Use-of-uninitialized-value Crash state: vp8computeskinblock encodeframetodatarate vp8getcompresseddata...

OSV-2026-863 Global-buffer-overflow in cram_decoder_init

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=519841736 Crash type: Global-buffer-overflow READ 8 Crash state: cramdecoderinit cramdecodecompressionheader cramnextslice...

OSV-2026-850 Heap-buffer-overflow in opus_repacketizer_out_range_impl

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=519646826 Crash type: Heap-buffer-overflow WRITE Crash state: opusrepacketizeroutrangeimpl opusrepacketizeroutrange codecparse...

OSV-2026-824 Stack-buffer-overflow in coolkey_rsa_op

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=517058311 Crash type: Stack-buffer-overflow READ Crash state: coolkeyrsaop coolkeycomputecrypt sccomputesignature...

OSV-2026-823 Heap-buffer-overflow in ihevcd_fmt_conv_422sp_to_420p

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=517027631 Crash type: Heap-buffer-overflow WRITE 1 Crash state: ihevcdfmtconv422spto420p ihevcdfmtconv ihevcddecode...

PT-2026-47226

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=517027631 Crash type: Heap-buffer-overflow WRITE 1 Crash state: ihevcd fmt conv 422sp to 420p ihevcd fmt conv ihevcd decode...

OSV-2026-816 Heap-buffer-overflow in md_process_all_blocks

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=516422428 Crash type: Heap-buffer-overflow READ Crash state: mdprocessallblocks mdparse mdhtml...

OSV-2026-812 Heap-buffer-overflow in ihevcd_fmt_conv_422sp_to_420p

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=516319578 Crash type: Heap-buffer-overflow WRITE 1 Crash state: ihevcdfmtconv422spto420p ihevcdfmtconv ihevcddecode...

PT-2026-46875

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=516319578 Crash type: Heap-buffer-overflow WRITE 1 Crash state: ihevcd fmt conv 422sp to 420p ihevcd fmt conv ihevcd decode...

OSV-2026-805 Heap-buffer-overflow in ihevcd_fmt_conv

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=515832483 Crash type: Heap-buffer-overflow WRITE 1 Crash state: ihevcdfmtconv ihevcddecode ihevcdcxaapifunction...

OSV-2026-795 Stack-buffer-underflow in probe_dasd_pt

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=514896889 Crash type: Stack-buffer-underflow READ 1 Crash state: probedasdpt idinfoprobe partitionsprobe...

OSV-2026-767 Heap-use-after-free in gf_sg_reset

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=513912488 Crash type: Heap-use-after-free READ 8 Crash state: gfsgreset gfsgdel fuzzscene.c...

OSV-2026-760 Heap-buffer-overflow in md_decode_utf8__

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=513677122 Crash type: Heap-buffer-overflow READ 1 Crash state: mddecodeutf8 mdskipunicodewhitespace mdlinklabelhash...

OSV-2026-752 Heap-buffer-overflow in Mat_VarGetStructsLinear

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=513434228 Crash type: Heap-buffer-overflow WRITE 8 Crash state: MatVarGetStructsLinear matiostructcellfuzzer.cpp...

OSV-2026-750 Heap-buffer-overflow in MqttDecode_Props

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=513047073 Crash type: Heap-buffer-overflow READ 1 Crash state: MqttDecodeProps MqttDecodeDisconnect MqttClientDecodePacket...

OSV-2026-748 Heap-buffer-overflow in p11_lexer_next

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=513102821 Crash type: Heap-buffer-overflow READ 2 Crash state: p11lexernext p11persistread p11parserformatpersist...

OSV-2026-747 Heap-buffer-overflow in coap_persist_startup_lkd

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=513035615 Crash type: Heap-buffer-overflow READ 8 Crash state: coappersiststartuplkd persisttarget.c...