
OCaml CVE-2026-28364

Severity: HIGH (7.9, CVSS 3.1, NVD)
Weakness: Buffer Over-read (CWE-126)
Published: 2026-02-27 (cve@mitre.org)

Severity by source

  • NVD (primary): 7.9 HIGH, AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
  • SUSE: HIGH (qualitative)
  • Red Hat: 7.9 HIGH (qualitative)

Primary rating from NVD.

CVSS Vector (NVD)

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Changed
  • Confidentiality: High
  • Integrity: Low
  • Availability: None

Lifecycle Timeline

  • Patch released: Apr 10, 2026 - 14:30 (nvd); patch available
  • Analysis generated: Mar 12, 2026 - 21:55 (vuln.today)
  • CVE published: Feb 27, 2026 - 04:16 (nvd)

Description (CVE.org)

In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operations using attacker-controlled lengths from crafted Marshal data.

Analysis (AI)

Remote code execution in OCaml versions before 4.14.3 and 5.x before 5.4.1 allows unauthenticated attackers to execute arbitrary code by supplying malicious serialized data that exploits insufficient bounds checking in the Marshal deserialization function. The vulnerability stems from unbounded memory copy operations in the readblock() function that processes attacker-controlled length values, enabling a multi-stage exploitation chain. …
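The defect class named in the description and analysis above (a block reader that copies a length taken from the serialized input without first checking it against the bytes remaining in the buffer) is shown below in a constructed C example added here. It is not OCaml's runtime/intern.c or any of the project's code: the toy record format, the names readblock_unchecked, readblock_checked and count_records, and the sample byte strings are all assumptions made for the illustration. The checked variant is the fix pattern a reviewer looks for in any deserializer: reject a length larger than the input still available before the memcpy() happens.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed illustration of the bug class, not the OCaml runtime's code.
 * A cursor over a byte buffer; 'end' marks one past the last valid byte. */
struct reader {
    const unsigned char *cur;
    const unsigned char *end;
};

/* Unsafe pattern: the length is trusted as given, so a value larger than
 * the bytes left in the buffer makes memcpy() read past the input. */
static int readblock_unchecked(struct reader *r, void *dst, size_t len)
{
    memcpy(dst, r->cur, len);
    r->cur += len;
    return 0;
}

/* Hardened pattern: the length is compared against the remaining input
 * before any copy; a short buffer is reported instead of over-read. */
static int readblock_checked(struct reader *r, void *dst, size_t len)
{
    if (len > (size_t)(r->end - r->cur))
        return -1;              /* truncated input or lying length prefix */
    memcpy(dst, r->cur, len);
    r->cur += len;
    return 0;
}

/* Toy record format (assumed for the example): a 1-byte length followed
 * by that many payload bytes, repeated until the buffer is exhausted.
 * Returns the number of records, or -1 if any length overruns the input. */
int count_records(const unsigned char *buf, size_t n)
{
    struct reader r = { buf, buf + n };
    unsigned char payload[256];     /* large enough for any 1-byte length */
    int count = 0;

    while (r.cur < r.end) {
        size_t len = *r.cur++;      /* length taken from untrusted input */
        if (readblock_checked(&r, payload, len) != 0)
            return -1;
        count++;
    }
    return count;
}

/* Constructed sample inputs. GOOD holds "abc" then "z"; BAD declares a
 * 200-byte second record while only one byte of input is left. */
static const unsigned char GOOD[] = { 3, 'a', 'b', 'c', 1, 'z' };
static const unsigned char BAD[]  = { 2, 'h', 'i', 200, 'x' };

int main(void)
{
    struct reader r = { GOOD, GOOD + sizeof GOOD };
    unsigned char tmp[4];

    printf("well-formed input: %d records\n", count_records(GOOD, sizeof GOOD));
    printf("oversized length : %d (rejected)\n", count_records(BAD, sizeof BAD));

    /* The unchecked reader is exercised only on data known to be in bounds. */
    readblock_unchecked(&r, tmp, sizeof tmp);
    printf("unchecked copy of first record: %.3s\n", (const char *)tmp + 1);
    return 0;
}
```

When auditing a parser for this class of bug, the question to ask of every copy is the one readblock_checked answers: where does the length come from, and what bounds it before the copy runs.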


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

  • Access: Craft malicious Marshal serialized data
  • Delivery: Supply to OCaml deserialization function
  • Exploit: Trigger unbounded memcpy in readblock()
  • Execution: Read sensitive memory contents
  • Impact: Leak information for RCE

Vulnerability Assessment (AI)

Exploitation: OCaml versions before 4.14.3 or 5.x before 5.4.1 with an application deserializing untrusted Marshal data locally; requires local file access or inter-process communication receiving crafted serialized objects.
Risk Assessment: CVSS 7.9 (HIGH). …
Exploit Scenario: A remote attacker could exploit this vulnerability to compromise the affected system.
Remediation: Monitor vendor advisories for a patch.

Recommended Action (AI)

Within 24 hours: Inventory all systems and applications using OCaml, document their versions, and identify which process untrusted Marshal-serialized data. …


Vendor Status

SUSE

Severity: High

Product Status
  • SUSE Linux Enterprise Desktop 15 SP7: Fixed
  • SUSE Linux Enterprise High Performance Computing 15 SP7: Fixed
  • SUSE Linux Enterprise Module for Development Tools 15 SP7: Fixed
  • SUSE Linux Enterprise Server 15 SP7: Fixed
  • SUSE Linux Enterprise Server for SAP Applications 15 SP7: Fixed
  • SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS: Fixed
  • SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS: Fixed
  • SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS: Fixed
  • SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS: Fixed
