216.73.217.98

CVE-2026-0943

· Published 19/01/2026 04:15 · Modified 20/01/2026 16:16

Labels: CVE-2026-0943 2026-01-199b29abf9-4ab0-4765-b253-1875cd9b441eCVE-2026-0943

Essential information

Published
19/01/2026 04:15
Modified
20/01/2026 16:16
Author
Creator
CVSS
7.5 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS metrics

Description

HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability.  Versions before 0.032 contain HarfBuzz 8.4.0 or earlier bundled as hb_src.tar.gz in the source tarball, which is affected by CVE-2026-22693.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
9b29abf9-4ab0-4765-b253-1875cd9b441e
NVD
View on NVD

Affected products (CPE)

ProductCPE
harfbuzz / harfbuzz cpe:2.3:a:harfbuzz:harfbuzz:<0.032:*:*:*:*:*:*:*

References