CVE-2026-44375

Source
https://cve.org/CVERecord?id=CVE-2026-44375
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-44375.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-44375
Published
2026-05-14T14:32:09.506Z
Modified
2026-05-18T06:00:27.001842029Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Nerdbank.MessagePack: Attacker-controlled stackalloc in DateTime decoding causes process-terminating StackOverflowException
Details

Nerdbank.MessagePack is a NativeAOT-compatible MessagePack serialization library. Prior to 1.1.62, Nerdbank.MessagePack contains an uncontrolled stack allocation vulnerability in DateTime decoding. A malicious MessagePack payload can declare an oversized timestamp extension length, causing the reader to allocate an attacker-controlled number of bytes on the stack. This can trigger a StackOverflowException, which is not catchable by user code and terminates the process. This vulnerability is fixed in 1.1.62.

Database specific
{
    "cwe_ids": [
        "CWE-789"
    ],
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/44xxx/CVE-2026-44375.json"
}

Affected packages

Git / github.com/aarnott/nerdbank.messagepack

Affected ranges

Type
GIT
Repo
https://github.com/aarnott/nerdbank.messagepack
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

v0.*
v0.1.734-alpha
v0.10.2-rc
v0.10.25-rc
v0.10.33-rc
v0.10.42-rc
v0.10.60-rc
v0.10.63-rc
v0.10.7-rc
v0.10.87-rc
v0.10.89-rc
v0.10.95-rc
v0.11.1-rc
v0.11.34-rc
v0.11.50-rc
v0.11.53-rc
v0.11.54-rc
v0.11.6-rc
v0.11.60-rc
v0.11.8-rc
v0.12.14-rc
v0.12.2-rc
v0.12.28-rc
v0.12.39-rc
v0.12.4-rc
v0.2.108-alpha
v0.2.2-alpha
v0.2.34-alpha
v0.2.52-alpha
v0.2.82-alpha
v0.3.120-beta
v0.3.151-beta
v0.3.161-beta
v0.3.2-alpha
v0.3.27-alpha
v0.3.38-beta
v0.4.5-beta
v0.5.1-beta
v0.5.37-beta
v0.5.57-beta
v0.5.70-beta
v0.5.72-beta
v0.5.80-beta
v0.6.1-beta
v0.6.27-beta
v0.6.7-beta
v0.7.1-beta
v0.8.1-rc
v0.8.102-rc
v0.8.111-rc
v0.8.128-rc
v0.8.131-rc
v0.8.30-rc
v0.8.46-rc
v0.8.54-rc
v0.8.67-rc
v0.8.82-rc
v0.8.90-rc
v0.8.92-rc
v0.9.12-rc
v0.9.14-rc
v0.9.23-rc
v0.9.26-rc
v0.9.35-rc
v1.*
v1.0.11
v1.0.2
v1.0.40
v1.0.43
v1.1.24-beta
v1.1.25

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-44375.json"