CyberRota
← Ana sayfaya dön

CVE-2026-1764

MEDIUM · CVSS 5.6 EPSS %0.21

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-16T02:16:17.103 · Çekilme zamanı: 2026-06-30T18:22:57.533716+00:00

CyberRota Yorumu

Bellek tüketimine neden olabilir. Uzaktan istismar edilebilir olabilir.

CVE
CVE-2026-1764
Severity
MEDIUM
CVSS
5.6
EPSS
%0.21

Orijinal NVD Açıklaması

A flaw was found in GNOME localsearch (previously known as tracker-miners) MP3 Extractor. When processing specially crafted MP3 files containing ID3v2.4 tags, a missing bounds check in the `extract_performers_tags` function can lead to a heap buffer overflow. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by triggering a read of unmapped memory. In some cases, it could also lead to information disclosure by reading visible heap data.