CVE-2026-31963

A flaw was found in HTSlib, a library for reading and writing bioinformatics file formats. When processing CRAM Compressed Reference-oriented Alignment Map files, an out-by-one error in feature decoding can cause a heap buffer overflow. This vulnerability allows an attacker to craft a malicious...

CVE-2026-31969

HTSlib CRAM decoding bug: a heap buffer overflow in cram_byte_array_stop_decode_char() when decoding BYTE_ARRAY_STOP can write an attacker-controlled byte past a heap allocation. This arises from an out-by-one check in the full output buffer. Consequence could be program crash, data/heap-structur...

CVE-2026-31964 HTSlib CRAM decoder has a NULL Pointer Dereference

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data using a variety of encodings and compression methods. While most alignment records store DNA sequence and quality values, the format also allows them to om...

EUVD-2026-12923

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. While most alignment records store DNA sequence and quality values, the format also allows them to omit this data in certain cases to save space. Due to...

Linux Distros Unpatched Vulnerability : CVE-2026-31962

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. While most...