CVE-2026-23865

ADVISORY - nist

Summary

An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2.

EPSS Score⁠: 0.00017 (0.046)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-125⁠

Out-of-bounds Read

Impacted images

Advisories

NIST

CREATED

2 months ago

UPDATED

11 days ago

ADVISORY IDCVE-2026-23865⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-125⁠

CVSS SCORE

5.3medium

Alpine

CREATED

11 days ago

UPDATED

9 days ago

ADVISORY IDCVE-2026-23865⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

2 months ago

UPDATED

14 days ago

ADVISORY IDCVE-2026-23865⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY IDCVE-2026-23865⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Alma

CREATED

20 days ago

UPDATED

13 days ago

ADVISORY IDALSA-2026:9683⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Alma

CREATED

20 days ago

UPDATED

14 days ago

ADVISORY IDALSA-2026:9686⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Alma

CREATED

20 days ago

UPDATED

13 days ago

ADVISORY IDALSA-2026:9689⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Alma

CREATED

21 days ago

UPDATED

18 days ago

ADVISORY IDALSA-2026:9693⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY IDALAS2023-2026-1486⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Bitnami

CREATED

6 days ago

UPDATED

5 days ago

ADVISORY ID

BIT-java-2026-23865

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

5.3medium

Bitnami

CREATED

6 days ago

UPDATED

5 days ago

ADVISORY ID

BIT-java-min-2026-23865

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

5.3medium

Bitnami

CREATED

5 days ago

UPDATED

5 days ago

ADVISORY ID

BIT-jre-2026-23865

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

5.3medium

Rocky

CREATED

15 days ago

UPDATED

15 days ago

ADVISORY IDRLSA-2026:9689⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

16 days ago

UPDATED

16 days ago

ADVISORY IDELSA-2026-9683⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY IDELSA-2026-9686⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

16 days ago

UPDATED

16 days ago

ADVISORY IDELSA-2026-9689⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

20 days ago

UPDATED

20 days ago

ADVISORY IDELSA-2026-9693⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

minimos

CREATED

23 days ago

UPDATED

23 days ago

ADVISORY ID

MINI-j2xg-wjfm-cv5c

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY