OSV-2026-561

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/kmime/OSV-2026-561.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2026-561
Published
2026-04-11T00:21:08.852326Z
Modified
2026-04-11T00:21:08.852713Z
Summary
Global-buffer-overflow in nameMatch
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=500975977

Crash type: Global-buffer-overflow READ 1
Crash state:
nameMatch
QStringConverter::QStringConverter
KMime::HeaderParsing::parseEncodedWord
References

Affected packages

OSS-Fuzz / kmime

Package

Name
kmime
Purl
pkg:generic/kmime

Affected ranges

Type
GIT
Repo
https://invent.kde.org/pim/kmime.git
Events
Introduced
203b456991a1104bb0e3e6ea943b8328aa0b8d08
Fixed
004fa5a8abaf96509350dd6c1aa18029de81697d

Affected versions

v26.*
v26.04.0

Ecosystem specific 

{
    "severity": null
}

Database specific

source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/kmime/OSV-2026-561.yaml"
fixed_range 
"70a8289e648b7e4de5aebc0bc098fcb5f9bffb55:004fa5a8abaf96509350dd6c1aa18029de81697d"