CVE-2026-41681
ADVISORY - githubSummary
EVP_DigestFinal() always writes EVP_MD_CTX_size(ctx) to the out buffer. If out is smaller than that, MdCtxRef::digest_final() writes past its end, usually corrupting the stack. This is reachable from safe Rust.
Common Weakness Enumeration (CWE)
ADVISORY - github
Stack-based Buffer Overflow
GitHub
CREATED
UPDATED
ADVISORY IDGHSA-ghm9-cr32-g9qj
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)