Home / Vulnerability Intelligence / CVE-2026-31968

CVE-2026-31968 - Vulnerability Analysis

HighCVSS: 8.1

Last Updated: March 19, 2026

HTSlib - Buffer Overflow

Published: March 18, 2026Updated: March 19, 2026Remote Exploitable

Overview

HTSlib contains a buffer overflow caused by incomplete validation of VARINT and CONST encodings in CRAM format, letting attackers cause heap or stack overflow and potentially execute arbitrary code, exploit requires opening crafted file.

Severity & Score

Severity: High

CVSS Score: 8.1

EPSS Score: 1.4%(Probability of exploitation in next 30 days)

Impact

Attackers can cause crashes, data corruption, or potentially execute arbitrary code by opening crafted files.

Mitigation

Update to versions 1.23.1, 1.22.2, 1.21.1 or later.

References

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Mar 19, 2026

🟠 CVE-2026-31968 - High (8.1) HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data using a variety of encodings and compression methods. For the `VARINT` and `CONST` encodings, incomplete ... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31968/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2026-31968
Severity: High
CVSS Score: 8.1
Type: buffer_overflow
Status: confirmed
EPSS: 1.4%
Social Posts: 1

CWE

CWE-121

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

EPSS Score

1.4%Probability of exploitation in the next 30 days