OSV-2026-169 Null-dereference READ in execute_post_instantiate_functions

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=479872443 Crash type: Null-dereference READ Crash state: executepostinstantiatefunctions wasminstantiate wasmruntimeinstantiate...

OSV-2026-167 Use-of-uninitialized-value in aivdm_analyze

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=479564939 Crash type: Use-of-uninitialized-value Crash state: aivdmanalyze gpsdpoll FuzzDrivers.c...

OSV-2026-156 Segv on unknown address in aivdm_analyze

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=478021379 Crash type: Segv on unknown address Crash state: aivdmanalyze gpsdpoll FuzzDrivers.c...

OSV-2026-153 Security exception in org.apache.lucene.analysis.miscellaneous.ConcatenateGraphFilter$BytesRefBuilderT

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=478558485 Crash type: Security exception Crash state: org.apache.lucene.analysis.miscellaneous.ConcatenateGraphFilter$BytesRefBuilderT org.apache.lucene.analysis.miscellaneous.ConcatenateGraphFilter$BytesRefBuilderT...

OSV-2026-150 Null-dereference READ in wasm_runtime_invoke_native

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=478557340 Crash type: Null-dereference READ Crash state: wasmruntimeinvokenative wasminterpcallwasm wasmcallfunction...

OSV-2026-145 Heap-buffer-overflow in pcre2_compile_32

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=478301105 Crash type: Heap-buffer-overflow WRITE 4 Crash state: pcre2compile32 pcre2fuzzsupport.c...

OSV-2026-141 Segv on unknown address in yuv2rgb4_X_c

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=478212631 Crash type: Segv on unknown address Crash state: yuv2rgb4Xc packedvscale ffswscale...

OSV-2026-136 Memcpy-param-overlap in grk::memStreamRead

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=478035120 Crash type: Memcpy-param-overlap Crash state: grk::memStreamRead grk::BufferedStream::read grk::MarkerParser::readSOTorEOC...

OSV-2026-128 UNKNOWN READ in rapidjson::internal::DigitGen

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=477993729 Crash type: UNKNOWN READ Crash state: rapidjson::internal::DigitGen rapidjson::internal::Grisu2 rapidjson::Writer, rapidjso...

OSV-2026-122 Use-of-uninitialized-value in rtcm2_unpack

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=477971098 Crash type: Use-of-uninitialized-value Crash state: rtcm2unpack rtcm104v2analyze gpsdpoll...

OSV-2026-119 Segv on unknown address in gpsd_poll

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=477658237 Crash type: Segv on unknown address Crash state: gpsdpoll FuzzDrivers.c...

OSV-2026-108 UNKNOWN in rapidjson::PrettyWriter<rapidjson::GenericStringBuffer<rapidjson::UTF8<char>, ra

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=477111546 Crash type: UNKNOWN Crash state: rapidjson::PrettyWriter, ra bool rapidjson::GenericValue, rapidjson::MemoryPoolAllocat bool rapidjson::GenericValue, rapidjson::MemoryPoolAllocat...

OSV-2026-98 Heap-buffer-overflow in hostname_issubdomain

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=476539622 Crash type: Heap-buffer-overflow READ 1 Crash state: hostnameissubdomain fuzzutil.c...

OSV-2026-94 Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.statement

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=476574781 Crash type: Security exception Crash state: com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.statement java.base/jdk.internal.misc.Unsafe.weakCompareAndSetInt...

OSV-2026-91 Use-after-poison in compress.cc

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=476224483 Crash type: Use-after-poison READ 1 Crash state: compress.cc LLVMFuzzerRunDriver selfdestruct...

OSV-2026-86 Security exception in java.base/java.util.Arrays.copyOfRange

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=476431399 Crash type: Security exception Crash state: java.base/java.util.Arrays.copyOfRange org.apache.poi.util.IOUtils.safelyClone org.apache.poi.ddf.EscherBlipRecord.setPictureData...

OSV-2025-1061 Security exception in org.apache.poi.hssf.record.aggregates.SharedValueManager$SharedFormulaGroup.<ini

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=476431391 Crash type: Security exception Crash state: org.apache.poi.hssf.record.aggregates.SharedValueManager$SharedFormulaGroup. org.apache.poi.hssf.record.aggregates.SharedValueManager.create...

OSV-2025-1059 Security exception in com.google.re2j.Machine.add

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=476431390 Crash type: Security exception Crash state: com.google.re2j.Machine.add com.google.re2j.Machine$Thread. com.google.re2j.Machine.alloc...

OSV-2026-76 Security exception in org.htmlunit.cyberneko.HTMLTagBalancer.endElement

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=476170180 Crash type: Security exception Crash state: org.htmlunit.cyberneko.HTMLTagBalancer.endElement org.htmlunit.cyberneko.HTMLElements$HTMLElementsWithCache.getElement...

OSV-2026-74 Heap-buffer-overflow in ___interceptor_strtol

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=476180586 Crash type: Heap-buffer-overflow READ 3 Crash state: interceptorstrtol Assimp::ObjFileParser::getFace Assimp::ObjFileParser::parseFile...