2 matches found
CVE-2026-29022
CVE-2026-29022 affects dr_libs/dr_wav.h up to version 0.14.4. The vulnerability is a heap buffer overflow in the function drwav__read_smpl_to_metadata_obj() , caused by a mismatch between sampleLoopCount validation in pass 1 and unconditional processing in pass 2, allowing memory corruption via c...
CVE-2026-32836
CVE-2026-32836 affects dr_libs up to version 0.13.3, where drflac__read_and_decode_metadata() can trigger uncontrolled memory allocation via crafted PICTURE metadata blocks. Attackers can set attacker-controlled mimeLength and descriptionLength to cause memory exhaustion and denial of service whi...