EUVD-2026-14766
GHSA-r29r-g6g3-64qx
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Lifecycle Timeline
4Description
Out-of-bounds Read vulnerability in fabiangreffrath woof.This issue affects woof: before woof_15.3.0.
Analysis
Out-of-bounds read in woof before version 15.3.0 allows remote attackers to trigger information disclosure and denial of service without authentication or user interaction. This critical vulnerability affects Debian systems and can be exploited over the network to leak sensitive data or crash the application. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Inventory all systems running woof versions prior to 15.3.0 and assess production exposure. Within 7 days: Deploy vendor patch 15.3.0 or later from GitHub pull request #2521 to all affected systems, prioritizing production environments. …
Sign in for detailed remediation steps.
Priority Score
Vendor Status
Debian
| Release | Status | Fixed Version | Urgency |
|---|---|---|---|
| bookworm | vulnerable | 10.5.1+dfsg-1 | - |
| trixie | vulnerable | 15.2.0+dfsg-1 | - |
| forky, sid | vulnerable | 15.3.0+dfsg-1 | - |
| (unstable) | fixed | (unfixed) | - |
Share
External POC / Exploit Code
Leaving vuln.today