HIGH
servo
CVE published 2026-05-26
CVE-2026-44983
A heap buffer overflow vulnerability exists in the smallbitvec Rust crate, affecting versions 1.0.1 through 2.6.0. The root cause is an integer overflow in the internal capacity calculation, which leads to an undersized heap allocation. This vulnerability can be triggered through safe APIs without requiring unsafe code from the caller, enabling memory corruption. The CVSS 3.1 score of 7.3 (HIGH) reflects [truncated]