Skip to main content

Dr Libs

2 CVEs product

Monthly

CVE-2026-32836 MEDIUM This Month

Denial of service in dr_libs 0.13.3 and earlier enables local attackers with user privileges to exhaust system memory by supplying malicious PICTURE metadata blocks with oversized length fields in FLAC streams. The vulnerability resides in improper bounds checking during metadata parsing, allowing uncontrolled memory allocation that crashes applications processing affected audio files. No patch is currently available.

Denial Of Service Dr Libs
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-29022 MEDIUM POC PATCH This Month

Heap buffer overflow in dr_libs 0.14.4 and earlier allows attackers to corrupt memory by supplying maliciously crafted WAV files to any application using drwav_init_*_with_metadata() functions. The vulnerability exploits inconsistent validation of sample loop counts between processing passes, enabling 36 bytes of attacker-controlled data to overflow heap allocations. Public exploit code exists for this vulnerability.

Buffer Overflow Heap Overflow Dr Libs
NVD GitHub VulDB
CVSS 4.0
6.8
EPSS
0.0%
EPSS 0% CVSS 6.9
MEDIUM This Month

Denial of service in dr_libs 0.13.3 and earlier enables local attackers with user privileges to exhaust system memory by supplying malicious PICTURE metadata blocks with oversized length fields in FLAC streams. The vulnerability resides in improper bounds checking during metadata parsing, allowing uncontrolled memory allocation that crashes applications processing affected audio files. No patch is currently available.

Denial Of Service Dr Libs
NVD GitHub VulDB
EPSS 0% CVSS 6.8
MEDIUM POC PATCH This Month

Heap buffer overflow in dr_libs 0.14.4 and earlier allows attackers to corrupt memory by supplying maliciously crafted WAV files to any application using drwav_init_*_with_metadata() functions. The vulnerability exploits inconsistent validation of sample loop counts between processing passes, enabling 36 bytes of attacker-controlled data to overflow heap allocations. Public exploit code exists for this vulnerability.

Buffer Overflow Heap Overflow Dr Libs
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy