OSV-2026-534 Heap-buffer-overflow in cram_encode_container

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=499447432 Crash type: Heap-buffer-overflow READ 1 Crash state: cramencodecontainer cramflushcontainermt cramclose...

OSS-CRS: Liberating AIxCC Cyber Reasoning Systems for Real-World Open-Source Security

DARPA's AI Cyber Challenge AIxCC showed that cyber reasoning systems CRSs can go beyond vulnerability discovery to autonomously confirm and patch bugs: seven teams built such systems and open-sourced them after the competition. Yet all seven open-sourced CRSs remain largely unusable outside their...

OSV-2026-196 Null-dereference READ in ubsan_GetStackTrace

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=481752521 Crash type: Null-dereference READ Crash state: ubsanGetStackTrace...

Bugs that survive the heat of continuous fuzzing

Even when a project has been intensively fuzzed for years, bugs can still survive. ​​OSS-Fuzz is one of the most impactful security initiatives in open source. In collaboration with the OpenSSF Foundation, it has helped to find thousands of bugs in open-source software. Today, OSS-Fuzz fuzzes mor...

OSV-2025-884 Heap-use-after-free in JS_DefineProperty

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=458199402 Crash type: Heap-use-after-free READ 8 Crash state: JSDefineProperty buildbacktrace JSCallInternal...

FalseCrashReducer: Mitigating False Positive Crashes in OSS-Fuzz-Gen Using Agentic AI

Fuzz testing has become a cornerstone technique for identifying software bugs and security vulnerabilities, with broad adoption in both industry and open-source communities. Directly fuzzing a function requires fuzz drivers, which translate random fuzzer inputs into valid arguments for the target...

OSV-2025-766 Heap-buffer-overflow in Open

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=446027676 Crash type: Heap-buffer-overflow READ 4 Crash state: Open demuxProbe vlcmoduleload...

PT-2025-34581 · Git · Libwebp

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=438264629 Crash type: Null-dereference READ Crash state: advanced api [email protected]...

PT-2025-34262 · Git · Clamav

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=429489013 Crash type: Invalid-free Crash state: cli pdf cli scanpdf cli magic scan...

OSV-2024-1311 Security exception in java.base/java.util.Arrays.copyOfRange

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=378836879 Crash type: Security exception Crash state: java.base/java.util.Arrays.copyOfRange java.base/java.lang.StringUTF16.newString java.base/java.lang.StringBuilder.toString...

PT-2024-40857 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: A crash occurred due to an unknown read issue, as reported by OSS-Fuzz. The crash state includes functions such as chunk free object, sclose, and sfclose. No information is available...

PT-2024-40720 · Git +1 · Pcapplusplus

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow read crash was identified. The crash occurred in the readParsedPacket function, as indicated by the crash state. This issue was...

PT-2022-36755 · Git +1 · Wasmtime

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash reported by OSS-Fuzz, with a crash type of UNKNOWN WRITE. The crash occurs in the instantiate many function, specifically...