OSV-2026-392 UNKNOWN READ in pcpp::BgpLayer::getHeaderLen

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=491687588 Crash type: UNKNOWN READ Crash state: pcpp::BgpLayer::getHeaderLen pcpp::Packet::shortenLayer pcpp::Layer::shortenLayer...

OSV-2026-384 Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=491529466 Crash type: Security exception Crash state: com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr java.base/java.nio.CharBuffer.wrap java.base/sun.nio.cs.StreamEncoder.implWrite...

OSV-2026-371 Heap-buffer-overflow in tinyobj::tryParseDouble

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=490598877 Crash type: Heap-buffer-overflow READ 1 Crash state: tinyobj::tryParseDouble tinyobj::LoadObjInternal tinyobj::LoadObj...

OSV-2026-370 Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=490658507 Crash type: Security exception Crash state: com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr java.base/java.lang.System$2.encodeASCII java.base/sun.nio.cs.UTF8$Encoder.encodeArrayLoop...

OSV-2026-359 Segv on unknown address in gpsd_vlog

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=490142464 Crash type: Segv on unknown address Crash state: gpsdvlog gpsdlog processGSV...

OSV-2026-357 Heap-buffer-overflow in _cupsRasterAddError

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=489911024 Crash type: Heap-buffer-overflow WRITE 3 Crash state: cupsRasterAddError cupsRasterExecPS fuzzcups.c...

OSV-2026-356 Security exception in org.apache.lucene.util.ArrayUtil.copyOfSubArray

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=489370855 Crash type: Security exception Crash state: org.apache.lucene.util.ArrayUtil.copyOfSubArray org.apache.lucene.util.BytesRef.deepCopyOf org.apache.lucene.index.Term...

OSV-2026-354 Use-of-uninitialized-value in pcpp::MplsLayer::toString

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=489360236 Crash type: Use-of-uninitialized-value Crash state: pcpp::MplsLayer::toString FuzzTarget.cpp pcpp::RawPacket::RawPacket...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the decode0x0805 function of the CRW image parser. An attacker can cause the application to read memory outside the bounds of an allocated buffer by providing a specially crafted CRW image file. Remediation A fix w...

OSV-2026-343 Heap-buffer-overflow in pcre2_compile_32

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=488713937 Crash type: Heap-buffer-overflow WRITE 4 Crash state: pcre2compile32 pcre2fuzzsupport.c...

OSV-2026-341 Security exception in com.code_intelligence.jazzer.sanitizers.RegexInjection.hookInternal

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=488745540 Crash type: Security exception Crash state: com.codeintelligence.jazzer.sanitizers.RegexInjection.hookInternal com.codeintelligence.jazzer.sanitizers.RegexInjection.patternHook...

OSV-2026-338 Use-of-uninitialized-value in pjsip_auth_clt_init_req

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=488721002 Crash type: Use-of-uninitialized-value Crash state: pjsipauthcltinitreq fuzz-sip.c fuzz-sip.c...

OSV-2026-324 Security exception in java.base/java.util.Arrays.copyOfRange

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=488130836 Crash type: Security exception Crash state: java.base/java.util.Arrays.copyOfRange java.base/java.lang.StringUTF16.newString java.base/java.lang.StringBuilder.toString...

OSV-2026-308 Heap-buffer-overflow in vcardstructured_new_from_string

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=486715154 Crash type: Heap-buffer-overflow WRITE 8 Crash state: vcardstructurednewfromstring vcardparametersetvaluefromstring parsevcard...

OSV-2026-307 Global-buffer-overflow in navcom_parse

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=486709178 Crash type: Global-buffer-overflow READ 1 Crash state: navcomparse gpsdpoll FuzzDrivers.c...

OSV-2026-302 Use-of-uninitialized-value in BIO_new_file

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=486713209 Crash type: Use-of-uninitialized-value Crash state: BIOnewfile libcrypto.so.3 CONFmodulesloadfileex...

OSV-2026-297 Security exception in org.apache.poi.util.IOUtils.safelyAllocate

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=486522036 Crash type: Security exception Crash state: org.apache.poi.util.IOUtils.safelyAllocate org.apache.poi.hssf.record.RecordInputStream.readRemainder org.apache.poi.hssf.record.UnknownRecord...

OSV-2026-292 UNKNOWN WRITE in <wasmtime::runtime::func::Func>::call_unchecked_raw::<

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=486503337 Crash type: UNKNOWN WRITE Crash state: ::calluncheckedraw::::queuecall...

OSV-2026-272 Heap-use-after-free in vcardproperty_get_value

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=485932113 Crash type: Heap-use-after-free READ 8 Crash state: vcardpropertygetvalue vcardpropertygetversion parsevcard...

OSV-2026-261 Segv on unknown address in ___interceptor_strtol

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=485071710 Crash type: Segv on unknown address Crash state: interceptorstrtol processPASHR nmeaparse...