Medium severity4.4NVD Advisory· Published May 6, 2026· Updated Jun 1, 2026
CVE-2026-7572
CVE-2026-7572
Description
An off-by-one error (CWE-193) in the ConsumeUnit16Array and ConsumeUnit64Array functions in Velocidex Velociraptor before version 0.76.5 on Windows and Linux allows a local attacker to cause a Denial of Service (DoS) via a process crash by providing a specially crafted .evtx file to the parse_evtx VQL plugin.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
www.velocidex.com/golang/velociraptorGo | < 0.76.5 | 0.76.5 |
Affected products
2Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.