CVE-2026-42371
5.1 MEDIUMuriparser before 1.0.1 has numeric truncation in text range comparison, if an application accepts URIs with a length in gigabytes
Published: 2026-04-27 · Last updated: 2026-05-18
Severity and scoring
- CVSS
- 5.1 MEDIUM
- Vector
- CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
- CWE
- CWE-197
Affected products
| Vendor | Product |
|---|---|
| uriparser_project | uriparser |
Description
uriparser before 1.0.1 has numeric truncation in text range comparison, if an application accepts URIs with a length in gigabytes.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-44823 — Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally (7.8 HIGH)
- CVE-2026-40409 — Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability (7.8 HIGH)
- CVE-2026-40404 — Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability (7.8 HIGH)
- CVE-2026-42944 — NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSI... (7.5 HIGH)