CVE-2026-13587

Source
https://cve.org/CVERecord?id=CVE-2026-13587
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-13587.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-13587
Published
2026-06-29T16:00:11.058Z
Modified
2026-07-15T01:49:07.248864340Z
Severity
  • 2.9 (Low) CVSS_V4 - CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P CVSS Calculator
Summary
seladb PcapPlusPlus LightPcapNg light_pcapng.c parse_by_block_type heap-based overflow
Details

A vulnerability was found in seladb PcapPlusPlus 25.05. The affected element is the function parsebyblocktype of the file lightpcapng.c of the component LightPcapNg Parser. Performing a manipulation of the argument capturedpacketlength results in heap-based buffer overflow. It is possible to initiate the attack remotely. The attack's complexity is rated as high. The exploitability is described as difficult. The exploit has been made public and could be used.

Database specific
{
    "cwe_ids": [
        "CWE-119",
        "CWE-122"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/13xxx/CVE-2026-13587.json",
    "cna_assigner": "VulDB"
}
References

Affected packages

Git / github.com/seladb/pcapplusplus

Affected ranges

Type
GIT
Repo
https://github.com/seladb/pcapplusplus
Events
Database specific
{
    "extracted_events": [
        {
            "introduced": "25.05"
        },
        {
            "last_affected": "25.05"
        }
    ],
    "source": "AFFECTED_FIELD"
}

Affected versions

25.*
25.05
v25.*
v25.05

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-13587.json"