CVE-2026-8295 – Integer overflow in simdjson

CVE ID :CVE-2026-8295

Published : May 14, 2026, 10:27 a.m. | 30 minutes ago

Description :An integer overflow vulnerability in the simdjson document-builder API allows incorrect buffer size calculations in “string_builder::escape_and_append()” when processing very large input strings on platforms with limited “size_t” width (e.g., 32-bit builds). The overflow can cause insufficient buffer allocation, leading to out-of-bounds memory reads in SIMD routines and potentially resulting in information disclosure, memory corruption, or malformed JSON output.
This vulnerability has been fixed in 4.6.4 release

Severity: 6.9 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-45205 – Apache Commons Configuration: StackOverflowError for YAML input with cycles

CVE-2025-68420 – Privilege Escalation in Comarch ERP Optima

CVE-2025-68421 – Hardcoded credentials in Comarch ERP Optima

CVE-2026-8468 – Unbounded buffer accumulation in multipart header parsing causes denial of service in plug