VYPR
High severity · NVD Advisory · Published Sep 25, 2024 · Updated Sep 25, 2024

CVE-2024-46488

Description

Heap buffer overflow in sqlite-vec v0.1.1 npy_token_next function allows denial of service via crafted .npy file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

sqlite-vec v0.1.1, a vector search SQLite extension, contains a heap buffer overflow in the npy_token_next function used to parse NumPy (.npy) files [2]. The flaw occurs when the function matches the string "False" using strncmp without proper bounds checking, leading to an out-of-bounds read beyond the input buffer [1]. This is triggered during parsing of a crafted .npy file.

Exploitation

An attacker can supply a specially crafted .npy file to an application that uses sqlite-vec to load vector data [2]. No authentication or special privileges are required if the application processes user-provided files. The vulnerability is reachable via the parse_npy_header function, which initializes a scanner and calls the vulnerable npy_token_next [2].
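To show what a bounds-checked version of the literal comparison described above looks like, here is an added example in C. It is not sqlite-vec's code; the scanner_t type and the match_literal and next_bool_token functions are assumptions chosen for illustration. The scanner keeps the number of remaining bytes beside the cursor and refuses any literal that does not fit, so a truncated header (the kind of input that would make an unchecked five-byte strncmp against "False" read past the end of the buffer) produces a parse error instead of an over-read.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical scanner over a header buffer of known length. Tracking the
 * remaining byte count next to the cursor is what makes every literal
 * comparison below bounds-checked. */
typedef struct {
    const char *cur;
    size_t remaining;
} scanner_t;

static void scanner_init(scanner_t *s, const char *buf, size_t len) {
    s->cur = buf;
    s->remaining = len;
}

/* Bounds-checked literal match: returns 1 and advances the cursor only when
 * the whole literal fits in the remaining input and matches byte-for-byte.
 * A bare strncmp(cur, lit, strlen(lit)) without the length test first is the
 * pattern the advisory describes: it compares strlen(lit) bytes regardless of
 * how many bytes of input are actually left. */
static int match_literal(scanner_t *s, const char *lit) {
    size_t n = strlen(lit);
    if (s->remaining < n) {
        return 0;   /* truncated input: reject rather than read past the end */
    }
    if (memcmp(s->cur, lit, n) != 0) {
        return 0;   /* present but different token */
    }
    s->cur += n;
    s->remaining -= n;
    return 1;
}

/* Classify the boolean token at the start of a buffer of known length.
 * Returns 1 for "True", 0 for "False", -1 when neither fits or matches. */
int next_bool_token(const char *buf, size_t len) {
    scanner_t s;
    scanner_init(&s, buf, len);
    if (match_literal(&s, "True")) {
        return 1;
    }
    if (match_literal(&s, "False")) {
        return 0;
    }
    return -1;
}

int main(void) {
    /* Constructed inputs. The third one is deliberately truncated and has no
     * terminator inside its declared length, so a five-byte compare without
     * a length check would read two bytes beyond the three-byte buffer. */
    const char full[] = "False, 'shape': (3,)";
    const char t[] = "True";
    const char trunc[3] = {'F', 'a', 'l'};

    printf("full:  %d\n", next_bool_token(full, sizeof full - 1));
    printf("true:  %d\n", next_bool_token(t, sizeof t - 1));
    printf("trunc: %d\n", next_bool_token(trunc, sizeof trunc));
    return 0;
}
```

The length passed to next_bool_token must be the real size of the buffer, not the result of strlen on data that may not be terminated; the truncated case in main only stays safe because sizeof trunc is used.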

Impact

Successful exploitation results in a heap buffer overflow, causing a crash and denial of service [1][4]. The CVSS score reflects high availability impact [1].

Mitigation

As of the advisory, no official patch has been released [1]. The project is pre-v1 and may undergo breaking changes [3]. Users should avoid processing untrusted .npy files with sqlite-vec until a fix is available.

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

| Package | Ecosystem | Affected versions | Patched versions |
|---|---|---|---|
| sqlite-vec | PyPI | < 0.1.3 | 0.1.3 |
| sqlite-vec | npm | < 0.1.3 | 0.1.3 |
| sqlite-vec | RubyGems | < 0.1.3 | 0.1.3 |
| sqlite-vec | crates.io | < 0.1.3 | 0.1.3 |

Affected products

5

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

5

News mentions

0

No linked articles in our index yet.