CVE-2026-32836
dr_libs dr_flac.h version 0.13.3 and earlier (fixed in commits fefced4, 4f5a4cd, and 663239a) contain an uncontrolled memory allocation vuln
CVSS
6.2
Medio
EPSS
0.2%
p8
KEV
—
Exploit Today
2
0-100
Publicado: 17 mar 2026 · Última mod.: 14 jul 2026 · CWE-789
0.2%EPSS · 30 días0.2%
2026-06-302026-07-17
dr_libs dr_flac.h version 0.13.3 and earlier (fixed in commits fefced4, 4f5a4cd, and 663239a) contain an uncontrolled memory allocation vulnerability in drflac__read_and_decode_metadata() that allows attackers to trigger excessive memory allocation by supplying crafted PICTURE metadata blocks. Attackers can exploit attacker-controlled mimeLength and descriptionLength fields to cause denial of service through memory exhaustion when processing FLAC streams with metadata callbacks.
- github.comhttps://github.com/mackron/dr_libs/commit/4f5a4cd3b57564d969443c580c75857e039f100a
- github.comhttps://github.com/mackron/dr_libs/commit/663239a3d0460c33bd5b6e5166edcb404e3df676
- github.comhttps://github.com/mackron/dr_libs/commit/fefced4a64adfb1a68a2d31d882366e56096dee8
- github.comhttps://github.com/mackron/dr_libs/issues/298
- www.vulncheck.comhttps://www.vulncheck.com/advisories/mackron-dr-libs-excessive-memory-allocation-in-picture-metadata-parsing
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2026-499757.5 ALT95.5%
——29Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service via malicious HTTP requests.
This issue affects Apache HTTP Server: from 2.4.17 through 2.4.67.3dCVE-2026-403787.5 ALT53.0%
——16Memory allocation with excessive size value in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.1dCVE-2026-539177.5 ALT52.3%
——16Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker.
An authenticated user can cause a broker DoS by sending a crafted OpenWire Message with a large encoded size value for the map. OpenWire message property maps are unmarshaled without size validation which can trigger OOM and crash the broker.
This issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Client: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7.
Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.15dCVE-2026-539167.5 ALT52.3%
——16Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp.
An unauthenticated client that opens a STOMP NIO connection can send header bytes that never terminate which makes the broker buffer them without limit, exhausting the JVM heap.
This issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Stomp: before 5.19.8, from 6.0.0 before 6.2.7.
Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.15dCVE-2026-507347.5 ALT52.3%
——16Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All.
An unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The value is not validate and causes the broker to attempt allocation during pre-auth negotiation which can trigger OOM and crash the broker.
This issue affects Apache ActiveMQ Client: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7.
Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.15dCVE-2026-421547.5 ALT51.2%
——15Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the remote read endpoint (/api/v1/read) does not validate the declared decoded length in a snappy-compressed request body before allocating memory. An unauthenticated attacker can send a small payload that causes a huge heap allocation per request. Under concurrent load this can exhaust available memory and crash the Prometheus process. This issue has been patched in versions 3.5.3 and 3.11.3.13h