Skip to main content

Suse CVE-2026-0943

HIGH
NULL Pointer Dereference (CWE-476)
2026-01-19 9b29abf9-4ab0-4765-b253-1875cd9b441e
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
SUSE
HIGH
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

3
Patch released
Apr 09, 2026 - 14:30 nvd
Patch available
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
CVE Published
Jan 19, 2026 - 04:15 nvd
HIGH 7.5

DescriptionCVE.org

HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability.

Versions before 0.032 contain HarfBuzz 8.4.0 or earlier bundled as hb_src.tar.gz in the source tarball, which is affected by CVE-2026-22693.

AnalysisAI

HarfBuzz::Shaper for Perl versions before 0.032 contain a null pointer dereference in the bundled HarfBuzz library that allows remote attackers to cause a denial of service without authentication or user interaction. The vulnerability affects applications using vulnerable versions of the library and results in service unavailability. No patch is currently available.

Technical ContextAI

Classified as CWE-476 (NULL Pointer Dereference). Affects Harfbuzz\. HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability.

Versions before 0.032 contain HarfBuzz 8.4.0 or earlier bundled as hb_src.tar.gz in the source tarball, which is affected by CVE-2026-22693.

RemediationAI

Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.

Vendor StatusVendor

SUSE

Severity: High
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Micro 5.2 Fixed
SUSE Linux Enterprise Micro 5.3 Fixed
SUSE Linux Enterprise Micro 5.4 Fixed

Share

CVE-2026-0943 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy