VYPR

Msgpack

by Shamaton

CVEs (1)

  • CVE-2026-32284HigMar 26, 2026
    risk 0.49cvss 7.5epss 0.00

    The msgpack decoder fails to properly validate the input buffer length when processing truncated fixext data (format codes 0xd4-0xd8). This can lead to an out-of-bounds read and a runtime panic, allowing a denial of service attack.