AIKIDO-2026-10240
github.com/google/osv-scalibr is vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer
91
Critical Risk
This Affects:
github.com/google/osv-scalibrTL;DR
Affected versions of this software are vulnerable to a memory overflow that can lead to remote code execution. Improper bounds checking when processing specially crafted requests allows an attacker to corrupt memory and execute arbitrary code on the affected system.
Who does this affect?
You are affected if you are using a version that falls within the vulnerable range.
Background info
github.com/google/osv-scalibr is vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer in versions 0.0.1 - 0.4.2.
How to fix this
Upgrade the github.com/google/osv-scalibr library to the patch version.
Links
GitHub Release
Other
support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-7775
Are You Affected?
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.
SOC 2Compliant
ISO 27001Compliant