CVE-2026-1765

Published: Giu 16, 2026 Last Modified: Giu 16, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 5,6

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: low

User Interaction: required

Scope: unchanged

Confidentiality: low

Integrity: none

Availability: high

Description

AI Translation Available

A flaw was found in the `tracker-extract-mp3` component of GNOME localsearch (previously known as tracker-miners). This vulnerability, a heap buffer overflow, occurs when processing specially crafted MP3 files. A remote attacker could exploit this by providing a malicious MP3 file, leading to a Denial of Service (DoS) where the application crashes. It may also potentially expose sensitive information from the system's memory.

125

Out-of-bounds Read

Draft

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Availability Other

Potential Impacts:

Read Memory Bypass Protection Mechanism Dos: Crash, Exit, Or Restart Varies By Context

Applicable Platforms

Languages: Memory-Unsafe, C, C++

Technologies: ICS/OT

View CWE Details

https://access.redhat.com/security/cve/CVE-2026-1765

https://bugzilla.redhat.com/show_bug.cgi?id=2435981

CVE-2026-1765

Description

Out-of-bounds Read

Common Consequences

Applicable Platforms

Iscriviti alla newsletter