CVE-2026-31963 - Vulnerability Analysis
HighCVSS: 8.1Last Updated: March 19, 2026
HTSlib - Buffer Overflow
Overview
HTSlib < 1.23.1, 1.22.2, 1.21.1 contains a heap buffer overflow caused by an out-by-one error in CRAM feature decoding, letting attackers cause crashes or potentially execute arbitrary code, exploit requires opening a crafted file.
Severity & Score
Impact
Attackers can cause crashes or execute arbitrary code by opening a crafted CRAM file, potentially compromising the system.
Mitigation
Update to version 1.23.1 or later.
References
Social Media Activity(1 post)
š CVE-2026-31963 - High (8.1) HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. As one method of removing redundant data, CRAM uses reference-based compression so that instead of stori... š https://www.thehackerwire.com/vulnerability/CVE-2026-31963/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-31963
- Severity
- High
- CVSS Score
- 8.1
- Type
- buffer_overflow
- Status
- confirmed
- EPSS
- 4.5%
- Social Posts
- 1
CWE
- CWE-122
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H