JLSEC-2026-461

Source
https://github.com/JuliaLang/SecurityAdvisories.jl/blob/main/advisories/published/2026/JLSEC-2026-461.md
Import Source
https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-461.json
JSON Data
https://api.test.osv.dev/v1/vulns/JLSEC-2026-461
Upstream
  • EUVD-2026-9195
  • GHSA-878v-mxg6-vj8f
Published
2026-05-07T14:50:29.650Z
Modified
2026-05-07T15:17:26.602193234Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C
Summary
An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in...
Details

An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out-of-bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2.

Database specific
{
    "sources": [
        {
            "published": "2026-03-02T17:16:32.100Z",
            "modified": "2026-05-01T17:41:13.433Z",
            "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-23865",
            "id": "CVE-2026-23865",
            "imported": "2026-05-07T14:22:20.015Z",
            "database_specific": {
                "status": "Analyzed"
            },
            "html_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23865"
        },
        {
            "published": "2026-03-02T18:31:45Z",
            "modified": "2026-03-04T03:31:33Z",
            "url": "https://api.github.com/advisories/GHSA-878v-mxg6-vj8f",
            "id": "GHSA-878v-mxg6-vj8f",
            "imported": "2026-05-07T14:22:23.884Z",
            "html_url": "https://github.com/advisories/GHSA-878v-mxg6-vj8f"
        },
        {
            "published": "2026-03-02T16:09:42Z",
            "modified": "2026-03-04T00:16:54Z",
            "url": "https://euvdservices.enisa.europa.eu/api/enisaid?id=EUVD-2026-9195",
            "id": "EUVD-2026-9195",
            "imported": "2026-05-07T14:22:21.724Z",
            "html_url": "https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-9195"
        }
    ],
    "license": "CC-BY-4.0"
}
References

Affected packages

Julia / FreeType2_jll

Package

Name
FreeType2_jll
Purl
pkg:julia/FreeType2_jll?uuid=d7e528f0-a631-5988-bf34-fe36492bcfd7

Affected ranges

Type
SEMVER
Events
Introduced
2.13.2+0
Fixed
2.14.3+0

Database specific

source
"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-461.json"