Home / Vulnerability Intelligence / CVE-2026-31971

CVE-2026-31971 - Vulnerability Analysis

HighCVSS: 8.1

Last Updated: March 19, 2026

HTSlib - Buffer Overflow

Published: March 18, 2026Updated: March 19, 2026Remote Exploitable

Overview

HTSlib contains a buffer overflow caused by improper validation in cram_byte_array_len_decode() when reading BYTE_ARRAY_LEN encoded CRAM data, letting attackers cause crashes or execute arbitrary code, exploit requires crafted input file.

Severity & Score

Severity: High

CVSS Score: 8.1

EPSS Score: 9.0%(Probability of exploitation in next 30 days)

Impact

Attackers can cause crashes, data corruption, or execute arbitrary code by opening crafted files.

Mitigation

Update to version 1.23.1 or later.

References

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Mar 19, 2026

🟠 CVE-2026-31971 - High (8.1) HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data using a variety of encodings and compression methods. When reading data encoded using the `BYTE_ARRAY_LEN... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31971/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2026-31971
Severity: High
CVSS Score: 8.1
Type: buffer_overflow
Status: confirmed
EPSS: 9.0%
Social Posts: 1

CWE

CWE-121

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

EPSS Score

9.0%Probability of exploitation in the next 30 days