libais through 0.15 VdmStream::AddLine uses an unchecked sentinel value as a vector index when processing AIS sentences with empty or out-of-range sequential message IDs. Remote attackers can crash services or vessel systems by sending crafted AIVDM sentences over VHF marine radio or IP feeds, causing out-of-bounds memory access and potential corruption.
References
Configurations
No configuration.
History
25 Jun 2026, 19:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-06-25 19:16
Updated : 2026-06-25 19:48
NVD link : CVE-2026-56770
Mitre link : CVE-2026-56770
CVE.ORG link : CVE-2026-56770
JSON object : View
Products Affected
No product.
CWE
CWE-129
Improper Validation of Array Index
