DNA View

CVE-2026-23865

CVSS Score: 5.3 (Medium)
Published: Mar 02, 2026
Last Modified: Mar 04, 2026

Vulnerability Description

An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2.

CVSS Metrics

Common Vulnerability Scoring System

Vector String: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Attack Vector: Local (L)
Attack Complexity: Low (L)
Privileges Required: None (N)
User Interaction: Required (R)
Scope: Unchanged (U)
Confidentiality: Low (L)
Integrity: Low (L)
Availability: Low (L)

Available Security Patches

4 patches available from vendors

Oracle: CPUAPR2026 (Oracle Critical Patch Update Advisory - April 2026)
Severity: Critical
Released: Apr 21, 2026
Restart Required
Security Update
Canonical (Ubuntu): USN-8086-1 (USN-8086-1: FreeType vulnerability)
Severity: Unknown
Released: Mar 12, 2026
Security Update
Microsoft: 2026-Mar-CVE-2026-23865 (CVE-2026-23865: An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2.)
Severity: Unknown
Released: Mar 05, 2026
Security Update
SUSE: CVE-2026-23865
Severity: Unknown
Released: Mar 05, 2026
Security Update

Severity Details

5.3 out of 10.0 (Medium)

Weakness Type (CWE)

CWE-125 (Top 25 #11): Out-of-bounds Read

Description: The product reads data past the end, or before the beginning, of the intended buffer.
Typical Severity: High
Abstraction Level: Base

Key Information

Published Date: March 02, 2026