QSearchQSearch

CVE-2026-44983

7.3 HIGH

smallbitvec is a growable bit-vector for Rust, optimized for size

Published: 2026-05-26 · Last updated: 2026-06-01

Severity and scoring

CVSS
7.3 HIGH
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
CWE
CWE-122, CWE-190

Description

smallbitvec is a growable bit-vector for Rust, optimized for size. From 1.0.1 to 2.6.0, an integer overflow in the internal capacity calculation of smallbitvec can lead to an undersized heap allocation, resulting in a heap buffer overflow through safe APIs only. This allows memory corruption without requiring unsafe code from the caller. This vulnerability is fixed in 2.6.1.

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-47747 stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inf... (7.8 HIGH)
  • CVE-2026-47964 DNG SDK versions 1.7.1 2536 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code ex... (7.8 HIGH)
  • CVE-2026-47749 stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inf... (7.8 HIGH)
  • CVE-2026-10649 A flaw was found in Pacemaker (8.6 HIGH)
  • CVE-2026-8484 A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl()" wrapper due to a lack of size verification for the argument array ...