{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-32837", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-03-16T18:11:41.757Z", "datePublished": "2026-03-17T19:10:06.080Z", "dateUpdated": "2026-04-27T15:38:10.654Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-27T15:38:10.654Z"}, "title": "mackron / miniaudio Out-of-Bounds Read in BEXT Coding History Parsing", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-170", "description": "CWE-170 Improper null termination", "type": "CWE"}]}], "affected": [{"vendor": "mackron", "product": "miniaudio", "repo": "https://github.com/mackron/miniaudio", "versions": [{"status": "affected", "version": "0", "lessThanOrEqual": "0.11.25", "versionType": "semver"}, {"status": "unaffected", "version": "1df46ae9a0eed5aa9f58b179d2cc4af5d23f8bde", "versionType": "git"}], "defaultStatus": "unknown"}], "descriptions": [{"lang": "en", "value": "miniaudio version 0.11.25 and earlier (fixed in commits 1df46ae and 1df46ae) contain a heap out-of-bounds read vulnerability in the WAV BEXT metadata parser that allows attackers to trigger memory access violations by processing crafted WAV files. Attackers can exploit improper null-termination handling in the coding history field to cause out-of-bounds reads past the allocated metadata pool, resulting in application crashes or denial of service.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "miniaudio version 0.11.25 and earlier (fixed in commits 1df46ae and 1df46ae) contain a heap out-of-bounds read vulnerability in the WAV BEXT metadata parser that allows attackers to trigger memory access violations by processing crafted WAV files. Attackers can exploit improper null-termination handling in the coding history field to cause out-of-bounds reads past the allocated metadata pool, resulting in application crashes or denial of service."}]}], "references": [{"url": "https://github.com/mackron/miniaudio/issues/1101", "tags": ["issue-tracking"]}, {"url": "https://github.com/mackron/miniaudio/commit/1df46ae9a0eed5aa9f58b179d2cc4af5d23f8bde", "tags": ["patch"]}, {"url": "https://github.com/mackron/dr_libs/commit/04e40d66a7ba1632f93ec1328d4b42ad986e3ee0", "tags": ["patch"]}, {"url": "https://www.vulncheck.com/advisories/mackron-miniaudio-out-of-bounds-read-in-bext-coding-history-parsing", "tags": ["third-party-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 5.1, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"}}, {"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseSeverity": "MEDIUM", "baseScore": 4, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}}], "credits": [{"lang": "en", "value": "Ana Kapulica", "type": "finder"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 1.0.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-17T19:53:12.862725Z", "id": "CVE-2026-32837", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-17T19:59:38.500Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-32837", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-17T19:53:12.862725Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-17T19:59:34.348Z"}}], "cna": {"title": "mackron / miniaudio Out-of-Bounds Read in BEXT Coding History Parsing", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Ana Kapulica"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.1, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/mackron/miniaudio", "vendor": "mackron", "product": "miniaudio", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "0.11.25"}, {"status": "unaffected", "version": "1df46ae9a0eed5aa9f58b179d2cc4af5d23f8bde", "versionType": "git"}], "defaultStatus": "unknown"}], "references": [{"url": "https://github.com/mackron/miniaudio/issues/1101", "tags": ["issue-tracking"]}, {"url": "https://github.com/mackron/miniaudio/commit/1df46ae9a0eed5aa9f58b179d2cc4af5d23f8bde", "tags": ["patch"]}, {"url": "https://github.com/mackron/dr_libs/commit/04e40d66a7ba1632f93ec1328d4b42ad986e3ee0", "tags": ["patch"]}, {"url": "https://www.vulncheck.com/advisories/mackron-miniaudio-out-of-bounds-read-in-bext-coding-history-parsing", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "Vulnogram 1.0.0"}, "descriptions": [{"lang": "en", "value": "miniaudio version 0.11.25 and earlier (fixed in commits 1df46ae and 1df46ae) contain a heap out-of-bounds read vulnerability in the WAV BEXT metadata parser that allows attackers to trigger memory access violations by processing crafted WAV files. Attackers can exploit improper null-termination handling in the coding history field to cause out-of-bounds reads past the allocated metadata pool, resulting in application crashes or denial of service.", "supportingMedia": [{"type": "text/html", "value": "miniaudio version 0.11.25 and earlier (fixed in commits 1df46ae and 1df46ae) contain a heap out-of-bounds read vulnerability in the WAV BEXT metadata parser that allows attackers to trigger memory access violations by processing crafted WAV files. Attackers can exploit improper null-termination handling in the coding history field to cause out-of-bounds reads past the allocated metadata pool, resulting in application crashes or denial of service.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-170", "description": "CWE-170 Improper null termination"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-27T15:38:10.654Z"}}}, "cveMetadata": {"cveId": "CVE-2026-32837", "state": "PUBLISHED", "dateUpdated": "2026-04-27T15:38:10.654Z", "dateReserved": "2026-03-16T18:11:41.757Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-03-17T19:10:06.080Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mackron:miniaudio:*:*:*:*:*:*:*:*", "matchCriteriaId": "67C8DA11-B9B8-471B-9100-F56B15320D81", "versionEndIncluding": "0.11.25", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "miniaudio version 0.11.25 and earlier (fixed in commits 1df46ae and 1df46ae) contain a heap out-of-bounds read vulnerability in the WAV BEXT metadata parser that allows attackers to trigger memory access violations by processing crafted WAV files. Attackers can exploit improper null-termination handling in the coding history field to cause out-of-bounds reads past the allocated metadata pool, resulting in application crashes or denial of service."}, {"lang": "es", "value": "miniaudio versi\u00f3n 0.11.25 y anteriores contienen una vulnerabilidad de lectura fuera de l\u00edmites en el heap en el analizador de metadatos BEXT de WAV que permite a los atacantes desencadenar violaciones de acceso a la memoria al procesar archivos WAV manipulados. Los atacantes pueden explotar un manejo inadecuado de la terminaci\u00f3n nula en el campo de historial de codificaci\u00f3n para causar lecturas fuera de l\u00edmites m\u00e1s all\u00e1 del pool de metadatos asignado, lo que resulta en ca\u00eddas de la aplicaci\u00f3n o denegaci\u00f3n de servicio."}], "id": "CVE-2026-32837", "lastModified": "2026-04-27T16:16:44.043", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 1.4, "source": "disclosure@vulncheck.com", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-03-17T20:16:14.177", "references": [{"source": "disclosure@vulncheck.com", "url": "https://github.com/mackron/dr_libs/commit/04e40d66a7ba1632f93ec1328d4b42ad986e3ee0"}, {"source": "disclosure@vulncheck.com", "url": "https://github.com/mackron/miniaudio/commit/1df46ae9a0eed5aa9f58b179d2cc4af5d23f8bde"}, {"source": "disclosure@vulncheck.com", "tags": ["Exploit", "Issue Tracking", "Mitigation", "Vendor Advisory"], "url": "https://github.com/mackron/miniaudio/issues/1101"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://www.vulncheck.com/advisories/mackron-miniaudio-out-of-bounds-read-in-bext-coding-history-parsing"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-170"}], "source": "disclosure@vulncheck.com", "type": "Secondary"}]}

{"bugzilla": {"description": "miniaudio: miniaudio: Denial of Service via crafted WAV files due to heap out-of-bounds read", "id": "2448445", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448445"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-170", "details": ["A flaw was found in miniaudio. An attacker can exploit a heap out-of-bounds read vulnerability in the WAV BEXT metadata parser by processing a specially crafted WAV file. This vulnerability, caused by improper null-termination handling in the coding history field, allows for out-of-bounds reads past the allocated metadata pool. Successful exploitation can lead to application crashes or a denial of service."], "name": "CVE-2026-32837", "public_date": "2026-03-17T19:10:06Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-32837\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-32837\nhttps://github.com/mackron/miniaudio/issues/1101\nhttps://www.vulncheck.com/advisories/mackron-miniaudio-out-of-bounds-read-in-bext-coding-history-parsing"], "statement": "This MODERATE vulnerability affects miniaudio and imhex in Red Hat Community Projects. A heap out-of-bounds read in the WAV BEXT parser is triggered by processing crafted WAV files. Exploitation requires user interaction to open the malicious file (UI:R) and local access. Impact is limited to availability through application crashes.", "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,0.11.25]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "miniaudio", "source": "cna", "vendor": "mackron"}, "product": "miniaudio", "vendor": "mackron"}], "analysis": {"en": {"generated_at": "2026-04-28T09:20:42.626418+00:00", "value": {"mitigation_remediation": ["Update miniaudio to version 0.11.26 or newer to eliminate the out-of-bounds read", "If an update is delayed, add defensive checks to validate the null-termination of the coding history string before parsing", "Configure the application environment to restrict unwarranted WAV file inputs from untrusted users", "Monitor application logs for crash patterns associated with WAV processing and correlate with potential malicious activity"], "summary": {"action": "Apply Patch", "impact": "Denial of Service via Out-of-Bounds Read"}, "threat_synthesis": {"affected_systems": "Affected product: mackron:miniaudio version 0.11.25 and earlier. The CPE string indicates all builds of the library may be impacted. No other vendor or product versions are listed.", "description_and_impact": "The vulnerability resides in the BEXT metadata parser of miniaudio versions up to 0.11.25. Improper null-termination handling in the coding history field allows an attacker to create a crafted WAV file that triggers a heap out-of-bounds read. Key impact is memory access violation that can lead to application crashes or denial of service. No evidence of remote code execution or data exposure is provided. The weakness is categorized as CWE\u2011170 (Improper Null Termination).", "risk_and_exploitability": "The CVSS score of 5.1 indicates moderate severity. EPSS below 1% suggests low probability of active exploitation at present. The vulnerability is not listed in CISA KEV, implying it is not a known actively exploited vulnerability. The likely attack vector involves user-controlled WAV files processed by applications using the vulnerable miniaudio library; an attacker would need the ability to supply or force processing of a malicious file. The risk, while moderate, can cause service interruptions and should be mitigated promptly. The mitigation is straightforward: upgrade to a fixed version. If an upgrade is not immediately possible, monitor for crashes related to WAV playback and consider input validation patches."}}}}, "created": "2026-03-18T10:42:56.419598+00:00", "updated": "2026-04-28T09:30:26.198342+00:00", "vendors": ["mackron", "mackron$PRODUCT$miniaudio"]}