VYPR
Unrated severityOSV Advisory· Published Jul 9, 2026

Debian freetype: An out-of-bounds read vulnerability exists in FreeType 2.14.3 and versions befor…

CVE-2026-50811

Description

An out-of-bounds read vulnerability exists in FreeType 2.14.3 and versions before commit 5a280ecde6f324de0d226261036e736e0cb49a71 in src/truetype/ttgxvar.c, in the TT_Get_Var_Design implementation used by FT_Get_Var_Design_Coordinates

Affected products

3
  • FreeType/FreetypeOSV2 versions
    VER-2-14-3, VER-2-14-2, VER-2-14-1, …+ 1 more
    • (no CPE)range: VER-2-14-3, VER-2-14-2, VER-2-14-1, …
    • (no CPE)range: <=2.14.3
  • Debian/freetypellm-create
    Range: <=2.14.3

Patches

Vulnerability mechanics

News mentions

0

No linked articles in our index yet.