Vulnerabilities

Report: - uuid: Missing buffer bounds check in `v3`/`v5`/`v6` when `buf` is provided CVE-2026-41907

2026-04-24 0 views admin

CVE ID :CVE-2026-41907 Published : April 24, 2026, 7:17 p.m. | 39 minutes ago Description :uuid is for the creation of RFC9562 (formerly RFC4122) UUIDs. Prior to 14.0.0, v3, v5, and v6 accept external output buffers but do not reject out-of-range writes (small buf or large offset). This allows silent partial writes into caller-provided buffers. This vulnerability is fixed in 14.0.0. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-41907

Severity

HIGH

Published

April 24, 2026

🏷️ Tags

reportmissingbufferboundscheckprovided41907publishedcvecve-2026-41907

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: - uuid: Missing buffer bounds check in `v3`/`v5`/`v6` when `buf` is provided CVE-2026-41907

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: CVE-2026-41426 - pretalx: Email injection via unescaped user-controlled placeholders in pretalx m

Report: - OP-TEE: RSASSA EMSA- PKCS1-v1_5 underflow in emsa_pkcs1_v1_5_encode() CVE-2026-33662

Report: Ultimate Guide: CVE-2026-33524 - Zserio: Integer Overflow in BitStreamReader and Unbounded Memory Allocation in D...

Report: CVE-2026-33666 - Zserio: Integer Overflow in BitStreamReader on 32-bit platforms

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting