OSV-2026-244 Use-of-uninitialized-value in ihevcd_fmt_conv

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=484466027 Crash type: Use-of-uninitialized-value Crash state: ihevcdfmtconv ihevcdprocessthread...

OSV-2026-242 Use-of-uninitialized-value in ntrip_parse_url

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=483900342 Crash type: Use-of-uninitialized-value Crash state: ntripparseurl FuzzClient.c...

OSV-2026-240 Use-of-uninitialized-value in packet_get1

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=483928517 Crash type: Use-of-uninitialized-value Crash state: packetget1 gpsdpoll FuzzDrivers.c...

GHSA-8H58-W33P-WQ3G rPGP affected by crash in message handling for deeply nested messages

Summary Previous rPGP versions could be caused to crash with a "stack overflow" when parsing messages that contain deeply nested message layers, such as messages with many signatures. rPGP 0.19.0 resolves this issue with a more robust message handling implementation via...

CVE-2020-37104

ASTPP 4.0.1 contains an information disclosure vulnerability that allows unauthenticated attackers to download database backup files by predicting backup filename patterns. Attackers can generate a list of 6-digit PIN combinations and fuzz the backup download URL to exfiltrate sensitive database...

OSV-2026-229 Segv on unknown address in aiAnimation::~aiAnimation

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=483188619 Crash type: Segv on unknown address Crash state: aiAnimation::aiAnimation aiScene::aiScene Assimp::BaseImporter::ReadFile...

OSV-2026-226 UNKNOWN WRITE in decode_xa2_00

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=482909898 Crash type: UNKNOWN WRITE Crash state: decodexa200 tsipparseinput gpsdpoll...

GPU-Fuzz: Finding Memory Errors in Deep Learning Frameworks

GPU memory errors are a critical threat to deep learning DL frameworks, leading to crashes or even security issues. We introduce GPU-Fuzz, a fuzzer locating these issues efficiently by modeling operator parameters as formal constraints. GPU-Fuzz utilizes a constraint solver to generate test cases...

OSV-2026-212 UNKNOWN READ in gpsd_poll

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=482617785 Crash type: UNKNOWN READ Crash state: gpsdpoll FuzzDriversStructured.c...

OSV-2026-209 Use-of-uninitialized-value in ntrip_parse_url

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=482281265 Crash type: Use-of-uninitialized-value Crash state: ntripparseurl FuzzClient.c...

OSV-2026-203 Segv on unknown address in glslang::TIntermediate::addSymbol

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=481635421 Crash type: Segv on unknown address Crash state: glslang::TIntermediate::addSymbol glslang::HlslParseContext::handleFunctionCall glslang::HlslParseContext::transformEntryPoint...

OSV-2026-195 Use-of-uninitialized-value in vcardstructured_free

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=481458325 Crash type: Use-of-uninitialized-value Crash state: vcardstructuredfree vcardparameterfree vcardpropertyfree...

OSV-2026-190 Security exception in com.ctc.wstx.util.TextBuffer.buildResultArray

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=480987597 Crash type: Security exception Crash state: com.ctc.wstx.util.TextBuffer.buildResultArray com.ctc.wstx.util.TextBuffer.contentsAsArray com.ctc.wstx.dtd.FullDTDReader.parseEntityValue...

OSV-2026-189 Global-buffer-overflow in gpsd_poll

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=480975802 Crash type: Global-buffer-overflow READ 1 Crash state: gpsdpoll FuzzDriversStructured.c...

CLSA-2026-1770111651 glib2: Fix of CVE-2025-13601

CVE-2025-13601: Fixed incorrect buffer size calculation in gescapeuristring and added fuzz tests - 4-0001-fix-gdatetime-test: fixes gdatetime test failing...

OSV-2026-182 Use-of-uninitialized-value in json_internal_read_object

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=479922669 Crash type: Use-of-uninitialized-value Crash state: jsoninternalreadobject jsondeviceread FuzzClient.c...

CLSA-2026-1770025166 glib2: Fix of CVE-2025-13601

CVE-2025-13601: fix incorrect buffer size calculation in gescapeuristring - add fuzz tests for gfilenameto,fromuri...

OSV-2026-176 Container-overflow in std::__1::vector<std::__1::basic_string<char, std::__1::char_traits<char>, std::

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=479922666 Crash type: Container-overflow READ Crash state: std::1::vector, std:: void std::1::vector, fillcommonheader...

OSV-2025-1068 Security exception in java.base/java.util.Arrays.copyOfRange

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=479873902 Crash type: Security exception Crash state: java.base/java.util.Arrays.copyOfRange java.base/java.lang.StringLatin1.newString java.base/java.lang.StringBuilder.toString...

OSV-2026-170 Use-of-uninitialized-value in pcpp::PcapNgFileReaderDevice::getNextPacketInternal

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=479882050 Crash type: Use-of-uninitialized-value Crash state: pcpp::PcapNgFileReaderDevice::getNextPacketInternal pcpp::IFileReaderDevice::getNextPackets FuzzWriter.cpp...