{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-32836", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-03-16T18:11:41.757Z", "datePublished": "2026-03-17T19:10:19.404Z", "dateUpdated": "2026-04-29T14:33:14.959Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-29T12:35:58.693Z"}, "title": "mackron / dr_libs dr_flac.h Excessive Memory Allocation in PICTURE Metadata Parsing", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-789", "description": "CWE-789 Memory allocation with excessive size value", "type": "CWE"}]}], "affected": [{"vendor": "mackron", "product": "dr_libs dr_flac.h", "repo": "https://github.com/mackron/dr_libs/blob/master/dr_flac.h", "modules": ["dr_flac.h"], "versions": [{"status": "affected", "version": "0", "lessThanOrEqual": "0.13.3", "versionType": "semver"}, {"status": "unaffected", "version": "fefced4a64adfb1a68a2d31d882366e56096dee8", "versionType": "git"}, {"status": "unaffected", "version": "4f5a4cd3b57564d969443c580c75857e039f100a", "versionType": "git"}, {"status": "unaffected", "version": "663239a3d0460c33bd5b6e5166edcb404e3df676", "versionType": "git"}], "defaultStatus": "unknown"}], "descriptions": [{"lang": "en", "value": "dr_libs\u00a0dr_flac.h version 0.13.3 and earlier (fixed in commits fefced4, 4f5a4cd, and 663239a) contain an uncontrolled memory allocation vulnerability in drflac__read_and_decode_metadata() that allows attackers to trigger excessive memory allocation by supplying crafted PICTURE metadata blocks. Attackers can exploit attacker-controlled mimeLength and descriptionLength fields to cause denial of service through memory exhaustion when processing FLAC streams with metadata callbacks.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "dr_libs dr_flac.h version 0.13.3 and earlier (fixed in commits fefced4, 4f5a4cd, and 663239a) contain an uncontrolled memory allocation vulnerability in drflac__read_and_decode_metadata() that allows attackers to trigger excessive memory allocation by supplying crafted PICTURE metadata blocks. Attackers can exploit attacker-controlled mimeLength and descriptionLength fields to cause denial of service through memory exhaustion when processing FLAC streams with metadata callbacks."}]}], "references": [{"url": "https://github.com/mackron/dr_libs/issues/298", "tags": ["issue-tracking"]}, {"url": "https://github.com/mackron/dr_libs/commit/fefced4a64adfb1a68a2d31d882366e56096dee8", "tags": ["patch"]}, {"url": "https://github.com/mackron/dr_libs/commit/4f5a4cd3b57564d969443c580c75857e039f100a", "tags": ["patch"]}, {"url": "https://github.com/mackron/dr_libs/commit/663239a3d0460c33bd5b6e5166edcb404e3df676", "tags": ["patch"]}, {"url": "https://www.vulncheck.com/advisories/mackron-dr-libs-excessive-memory-allocation-in-picture-metadata-parsing", "tags": ["third-party-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 6.9, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"}}, {"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseSeverity": "MEDIUM", "baseScore": 6.2, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}}], "credits": [{"lang": "en", "value": "Ana Kapulica", "type": "finder"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 1.0.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-18T14:06:01.362458Z", "id": "CVE-2026-32836", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-29T14:33:14.959Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-32836", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-18T14:06:01.362458Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-18T14:06:24.523Z"}}], "cna": {"title": "mackron / dr_libs dr_flac.h Excessive Memory Allocation in PICTURE Metadata Parsing", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Ana Kapulica"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/mackron/dr_libs/blob/master/dr_flac.h", "vendor": "mackron", "modules": ["dr_flac.h"], "product": "dr_libs dr_flac.h", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "0.13.3"}, {"status": "unaffected", "version": "fefced4a64adfb1a68a2d31d882366e56096dee8", "versionType": "git"}, {"status": "unaffected", "version": "4f5a4cd3b57564d969443c580c75857e039f100a", "versionType": "git"}, {"status": "unaffected", "version": "663239a3d0460c33bd5b6e5166edcb404e3df676", "versionType": "git"}], "defaultStatus": "unknown"}], "references": [{"url": "https://github.com/mackron/dr_libs/issues/298", "tags": ["issue-tracking"]}, {"url": "https://github.com/mackron/dr_libs/commit/fefced4a64adfb1a68a2d31d882366e56096dee8", "tags": ["patch"]}, {"url": "https://github.com/mackron/dr_libs/commit/4f5a4cd3b57564d969443c580c75857e039f100a", "tags": ["patch"]}, {"url": "https://github.com/mackron/dr_libs/commit/663239a3d0460c33bd5b6e5166edcb404e3df676", "tags": ["patch"]}, {"url": "https://www.vulncheck.com/advisories/mackron-dr-libs-excessive-memory-allocation-in-picture-metadata-parsing", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "Vulnogram 1.0.0"}, "descriptions": [{"lang": "en", "value": "dr_libs\u00a0dr_flac.h version 0.13.3 and earlier (fixed in commits fefced4, 4f5a4cd, and 663239a) contain an uncontrolled memory allocation vulnerability in drflac__read_and_decode_metadata() that allows attackers to trigger excessive memory allocation by supplying crafted PICTURE metadata blocks. Attackers can exploit attacker-controlled mimeLength and descriptionLength fields to cause denial of service through memory exhaustion when processing FLAC streams with metadata callbacks.", "supportingMedia": [{"type": "text/html", "value": "dr_libs dr_flac.h version 0.13.3 and earlier (fixed in commits fefced4, 4f5a4cd, and 663239a) contain an uncontrolled memory allocation vulnerability in drflac__read_and_decode_metadata() that allows attackers to trigger excessive memory allocation by supplying crafted PICTURE metadata blocks. Attackers can exploit attacker-controlled mimeLength and descriptionLength fields to cause denial of service through memory exhaustion when processing FLAC streams with metadata callbacks.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-789", "description": "CWE-789 Memory allocation with excessive size value"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-29T12:35:58.693Z"}}}, "cveMetadata": {"cveId": "CVE-2026-32836", "state": "PUBLISHED", "dateUpdated": "2026-04-29T14:33:14.959Z", "dateReserved": "2026-03-16T18:11:41.757Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-03-17T19:10:19.404Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mackron:dr_libs:*:*:*:*:*:*:*:*", "matchCriteriaId": "24B8BF49-DCFF-4882-AA06-E6D9BBB5ECB8", "versionEndIncluding": "0.13.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "dr_libs\u00a0dr_flac.h version 0.13.3 and earlier (fixed in commits fefced4, 4f5a4cd, and 663239a) contain an uncontrolled memory allocation vulnerability in drflac__read_and_decode_metadata() that allows attackers to trigger excessive memory allocation by supplying crafted PICTURE metadata blocks. Attackers can exploit attacker-controlled mimeLength and descriptionLength fields to cause denial of service through memory exhaustion when processing FLAC streams with metadata callbacks."}, {"lang": "es", "value": "La versi\u00f3n 0.13.3 y anteriores de dr_libs contienen una vulnerabilidad de asignaci\u00f3n de memoria incontrolada en drflac__read_and_decode_metadata() que permite a los atacantes activar una asignaci\u00f3n de memoria excesiva al proporcionar bloques de metadatos PICTURE manipulados. Los atacantes pueden explotar los campos mimeLength y descriptionLength controlados por el atacante para causar una denegaci\u00f3n de servicio a trav\u00e9s del agotamiento de la memoria al procesar flujos FLAC con devoluciones de llamada de metadatos."}], "id": "CVE-2026-32836", "lastModified": "2026-04-27T16:16:43.867", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 3.6, "source": "disclosure@vulncheck.com", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-03-17T20:16:14.000", "references": [{"source": "disclosure@vulncheck.com", "url": "https://github.com/mackron/dr_libs/commit/4f5a4cd3b57564d969443c580c75857e039f100a"}, {"source": "disclosure@vulncheck.com", "url": "https://github.com/mackron/dr_libs/commit/663239a3d0460c33bd5b6e5166edcb404e3df676"}, {"source": "disclosure@vulncheck.com", "url": "https://github.com/mackron/dr_libs/commit/fefced4a64adfb1a68a2d31d882366e56096dee8"}, {"source": "disclosure@vulncheck.com", "tags": ["Exploit", "Issue Tracking", "Mitigation", "Vendor Advisory"], "url": "https://github.com/mackron/dr_libs/issues/298"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://www.vulncheck.com/advisories/mackron-dr-libs-excessive-memory-allocation-in-picture-metadata-parsing"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-789"}], "source": "disclosure@vulncheck.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,0.13.3]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "dr_libs", "source": "cna", "vendor": "mackron"}, "product": "dr_libs", "vendor": "mackron"}], "analysis": {"en": {"generated_at": "2026-04-28T09:20:23.408325+00:00", "value": {"mitigation_remediation": ["Update dr_libs to a newer version than 0.13.3", "If an update is not possible, disable PICTURE metadata callbacks or enforce size limits on mimeLength and descriptionLength fields", "Reject or sanitize FLAC files containing suspicious metadata blocks"], "summary": {"action": "Patch Immediately", "impact": "Denial of Service via memory exhaustion"}, "threat_synthesis": {"affected_systems": "The flaw is present in dr_libs dr_flac.h version 0.13.3 and every revision preceding it. Any program that includes this library to handle FLAC audio and invokes the default metadata callbacks is affected. Systems that rely on locally stored audio or receive audio over a network are potentially vulnerable until the library is upgraded or the faulty metadata handling is disabled.", "description_and_impact": "The vulnerability arises from an uncontrolled memory allocation within the drflac__read_and_decode_metadata function when decoding PICTURE metadata blocks of FLAC streams. By supplying extremely large values for the mimeLength and descriptionLength fields, an attacker can force the library to attempt to allocate a massive amount of memory, leading to memory exhaustion and eventually causing an application to crash. This weakness is classified as CWE\u2011789 and provides only denial of service without exposing data or allowing code execution.", "risk_and_exploitability": "The CVSS score of 6.9 indicates a moderate level of severity, while the EPSS score of less than 1% suggests that exploitation is not widespread. The vulnerability is not currently listed in the CISA KEV catalog. An attacker must supply a specially crafted FLAC stream that contains the malformed PICTURE block; the likely attack vector is delivery of a malicious file to the application, which is therefore inferred rather than explicitly stated in the advisory. For applications exposed to untrusted audio input, the potential impact ranges from transient service interruption to complete application failure, but the overall risk is moderated by the low probability of exploitation."}}}}, "created": "2026-03-18T10:42:55.580567+00:00", "updated": "2026-04-28T09:30:26.197670+00:00", "vendors": ["mackron", "mackron$PRODUCT$dr_libs"]}