By weakness (CWE)

CWE-125: related vulnerabilities

CVEs classified under CWE-125. Understanding the weakness class helps prioritize systemic fixes over one-off patches.

109 published vulnerabilities · page 2 of 2

  • CVE-2026-48104MEDIUM 4.2

    7-Zip versions 9.18 through 26.00 contain a memory safety bug in the SquashFS archive handler that can crash the application or leak heap information when processing a specially crafted archive file. The vulnerability stems from uninitialized memory left in an internal index structure; an attacker can craft a SquashFS archive that causes the handler to read from these uninitialized slots and potentially dereference invalid pointers during directory parsing. The issue is triggered automatically when you open the malicious file—no user interaction beyond that is required. The impact is limited to denial of service and potential information disclosure; the attacker cannot modify files or escalate privileges.

  • CVE-2026-10998MEDIUM 4.0

    CVE-2026-10998 is a memory safety issue in Google Chrome's media handling code that allows an attacker positioned on the same local network to read data from memory locations they shouldn't have access to. The vulnerability exists in Chrome versions before 149.0.7827.53. An attacker would need to send specially crafted network traffic to trigger an out-of-bounds read, which could potentially expose sensitive information resident in the browser's memory. This is a local-network-only threat, meaning the attacker must be on your network segment to exploit it.

  • CVE-2026-10233LOW 3.3

    Assimp, a popular open-source 3D model importing library, contains an out-of-bounds read vulnerability in its Half-Life 1 MDL file loader. When processing specially crafted MDL files, the vulnerability allows an attacker with local access to read memory outside intended boundaries. While the issue has been publicly disclosed, the impact is limited to information disclosure with no ability to modify or crash systems. This vulnerability requires local file system access and authenticated user privileges to trigger.

  • CVE-2026-10267LOW 3.3

    A flaw in the Janet programming language (version 1.41.0 and earlier) allows a local user to read memory beyond intended boundaries in the debug frame handling code. The vulnerability requires local system access and valid user credentials to exploit, but poses a confidentiality risk by enabling unauthorized disclosure of sensitive data in memory.

  • CVE-2026-45455LOW 3.3

    A flaw in Microsoft Office Excel can allow an attacker to read memory that shouldn't be accessible, potentially exposing sensitive information on a local system. The vulnerability requires user interaction—someone must open a specially crafted Excel file—but once triggered, it could leak data like file contents or system details. This is a low-severity issue with no direct impact on system availability or file integrity.

  • CVE-2026-45485LOW 3.3

    Microsoft Office contains a flaw that allows an attacker to read data from memory locations outside the intended bounds, potentially exposing sensitive information stored locally on a user's machine. The vulnerability requires local system access and user interaction (such as opening a malicious document), but does not allow the attacker to modify or delete data or crash the application. This is classified as a low-risk issue because it requires presence on the affected system and a user action to trigger exposure.

  • CVE-2026-45613LOW 3.3

    Rizin, a reverse engineering framework used by security researchers and analysts, contains a heap buffer overflow vulnerability in its OMF (Object Module Format) file parsing code. An attacker could craft a malicious OMF binary file that, when opened by a user in Rizin, could read small amounts of sensitive data from the program's memory. This requires local access and user interaction—the user must deliberately open a malicious file.

  • CVE-2026-48102LOW 3.1

    7-Zip versions 9.11 through 26.00 contain a flaw in how they parse UDF (Universal Disk Format) disc images—used in .iso and .udf files. When processing certain malformed UDF file structures, the parser reads 1 to 3 bytes beyond the allocated memory buffer. This out-of-bounds read occurs during the file open operation and can reveal small amounts of memory content or cause the application to crash. The vulnerability requires user interaction (opening a crafted archive) and affects only information disclosure and stability, not file integrity or system compromise.

  • CVE-2026-11786LOW 1.9

    A parsing flaw in 389 Directory Server can cause the LDIF (LDAP Data Interchange Format) parser to read past the boundary of allocated memory when it encounters attribute types ending with semicolons during database imports. The defect is detectable only under memory instrumentation tools (such as AddressSanitizer) and does not cause immediate functional failure or crashes under normal operation. This is a low-severity out-of-bounds read affecting local, high-privileged operations.