MEDIUM
simdjson
CVE published 2026-05-14
CVE-2026-8295
A medium-severity integer overflow vulnerability in the simdjson library's document-builder API affects 32-bit builds where size_t width is limited. The flaw in string_builder::escape_and_append() causes incorrect buffer size calculations when processing very large input strings, leading to insufficient buffer allocation. This can trigger out-of-bounds memory reads in SIMD routines with potential conseque [truncated]