bzip2 CVE debriefs

CVE-2026-42250

A medium-severity off-by-one vulnerability in bzip2's bzip2recover utility permits out-of-bounds writes to a global buffer when processing malformed input files. This memory corruption results in denial of service through application crash. The flaw is local in attack vector with low attack complexity, requiring no privileges or user interaction. No evidence of known exploitation or ransomware campaign us [truncated]