CVE-2026-56770 – libais 0.15 – Out-of-bounds Vector Access in VdmStream::AddLine via Invalid Sequential Message ID

admin
June 25, 2026
Wire

CVE ID :CVE-2026-56770

Published : June 25, 2026, 6:06 p.m. | 1 hour, 33 minutes ago

Description :libais through 0.15 VdmStream::AddLine uses an unchecked sentinel value as a vector index when processing AIS sentences with empty or out-of-range sequential message IDs. Remote attackers can crash services or vessel systems by sending crafted AIVDM sentences over VHF marine radio or IP feeds, causing out-of-bounds memory access and potential corruption.

Severity: 8.7 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more… To Read More Visit Read More

Related Posts

CVE-2026-56786 – RTKLIB 2.4.3 – Out-of-bounds Write in decode_type1033 via Crafted RTCM3 Message

CVE-2026-56771 – NewsBlur < 14.5.0 – Server-Side Request Forgery via add_url Endpoint

CVE-2026-56769 – Huly Platform – Server-Side Request Forgery via /import Endpoint