Integer Overflow Vulnerability in Freetype Library Affects OpenType Fonts
CVE-2026-23865
Severity: 5.3 (MEDIUM)
What is CVE-2026-23865?
An integer overflow exists in the tt_var_load_item_variation_store function of the FreeType library. The defect can lead to out-of-bounds read operations while parsing the HVAR, VVAR and MVAR tables of OpenType variable fonts, so a crafted font is the attack vector. The affected releases are 2.13.2 through 2.14.1 (see Affected Version(s) below); the problem is fixed in FreeType 2.14.2, and users of affected versions should upgrade. For a system-installed library the linked version can be confirmed with `pkg-config --modversion freetype2`; applications that bundle their own static copy of FreeType must be checked and updated separately.
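The advisory names the bug class (an integer overflow in item variation store parsing that ends in an out-of-bounds read) but not the faulty expression. The C program below is an added example written for this page; it is not FreeType's code and does not claim to reproduce the exact CVE-2026-23865 defect. It shows the general pattern on a constructed bounds check for the VariationRegionList that HVAR, VVAR and MVAR all carry: a 32-bit size computation wraps, a hostile pair of 16-bit counts passes the check, and any later loop over the regions would read past the table. A hardened check that cannot wrap sits beside it. The region list layout follows the OpenType specification; the function names, the table buffers and the chosen counts are constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed example, not FreeType code.
   VariationRegionList layout (big-endian): uint16 axisCount, uint16 regionCount,
   then regionCount * axisCount * 3 F2Dot14 values of 2 bytes each. */

#define REGION_HDR_LEN 4u

static uint32_t rd16(const uint8_t *p)
{
    return (uint32_t)((p[0] << 8) | p[1]);
}

/* Vulnerable pattern: byte count and end offset are computed in 32 bits.
   A hostile pair of counts makes `needed` wrap to a tiny value, the check
   passes, and a later loop over regionCount * axisCount deltas reads out
   of bounds. (`offset + REGION_HDR_LEN` can wrap the same way.) */
int region_list_fits_vuln(const uint8_t *table, uint32_t table_len, uint32_t offset)
{
    if (offset + REGION_HDR_LEN > table_len)
        return 0;
    uint32_t axis_count   = rd16(table + offset);
    uint32_t region_count = rd16(table + offset + 2);
    uint32_t needed = region_count * axis_count * 6;    /* wraps mod 2^32 */
    uint32_t end    = offset + REGION_HDR_LEN + needed; /* wraps mod 2^32 */
    return end <= table_len;
}

/* Hardened form: compare by subtraction so nothing can wrap, and widen the
   size product to 64 bits before comparing it with the remaining bytes. */
int region_list_fits_safe(const uint8_t *table, uint32_t table_len, uint32_t offset)
{
    if (offset > table_len || table_len - offset < REGION_HDR_LEN)
        return 0;
    uint32_t axis_count   = rd16(table + offset);
    uint32_t region_count = rd16(table + offset + 2);
    uint64_t needed = (uint64_t)region_count * axis_count * 6;
    uint64_t avail  = table_len - offset - REGION_HDR_LEN;
    return needed <= avail;
}

/* Write a constructed region list header (big-endian counts) into buf. */
static void put_hdr(uint8_t *buf, uint16_t axis_count, uint16_t region_count)
{
    buf[0] = (uint8_t)(axis_count >> 8);   buf[1] = (uint8_t)axis_count;
    buf[2] = (uint8_t)(region_count >> 8); buf[3] = (uint8_t)region_count;
}

/* Run both checks on a constructed table_len-byte table whose region list
   sits at offset 0. Bit 0 = vulnerable check result, bit 1 = safe check. */
int run_checks(uint16_t axis_count, uint16_t region_count, uint32_t table_len)
{
    uint8_t table[256] = {0};
    if (table_len > sizeof table)
        return -1;
    put_hdr(table, axis_count, region_count);
    return region_list_fits_vuln(table, table_len, 0)
         | (region_list_fits_safe(table, table_len, 0) << 1);
}

/* The hardened check with an offset chosen so that offset + 4 wraps to 2. */
int safe_check_with_wrapping_offset(void)
{
    uint8_t table[64] = {0};
    return region_list_fits_safe(table, sizeof table, 0xFFFFFFFEu);
}

int main(void)
{
    /* Honest font: 1 axis, 2 regions, 4 + 12 = 16 bytes exactly. */
    printf("1 axis, 2 regions, 16-byte table: %d (3 = both accept)\n",
           run_checks(1, 2, 16));
    /* Honest but truncated font: 3 regions need 18 bytes, only 12 remain. */
    printf("1 axis, 3 regions, 16-byte table: %d (0 = both reject)\n",
           run_checks(1, 3, 16));
    /* Hostile counts chosen so that 62571 * 45761 * 6 == 4 * 2^32 + 2:
       the 32-bit product wraps to 2 and the vulnerable check accepts a
       region list that really needs about 16 GiB. */
    printf("62571 axes, 45761 regions, 64-byte table: %d (1 = only vuln accepts)\n",
           run_checks(62571, 45761, 64));
    return 0;
}
```

The fix pattern is the same one any table parser needs: never add an attacker-controlled length to an offset and compare the sum, subtract the offset from the known total instead, and carry products of 16-bit counts in a type that cannot wrap before the comparison.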
Affected Version(s)
FreeType >= 2.13.2, <= 2.13.3
FreeType >= 2.14.0, <= 2.14.1
