Use After Free in Samtools
CVE-2026-31972
SAMtools is a program for reading, manipulating and writing bioinformatics file formats. The `mpileup` command outputs DNA sequences that have been aligned against a known reference. On each output line it writes the reference position, op…
Vulnerability class: Use-After-Free
EPSS: 0.000 (6.6th percentile)
Affected products
- Samtools — versions < 1.21.1
Weakness classification (CWE)
References
- https://github.com/samtools/samtools/security/advisories/GHSA-72c8-4jf3-f27p (x_refsource_CONFIRM)
- https://github.com/samtools/samtools/commit/3036eb9af945fcef359427a2d359855553da4adf (x_refsource_MISC)