What is CVE-2026-56787?

CVE-2026-56787 is a medium-severity vulnerability in Tomojitakasu Rtklib, classified under Off-by-one Error. CVSS score: 6.5/10. Published 2026-06-25.

How severe is CVE-2026-56787?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Tomojitakasu Rtklib

CVE-2026-56787

RTKLIB through 2.4.3 contains an off-by-one out-of-bounds read vulnerability in the decode_ssr3 function at src/rtcm3.c:1446 that allows remote attackers to trigger a global buffer overflow via crafted RTCM3 SSR messages with attacker-cont…

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L.

Affected products

Tomojitakasu Rtklib — versions 0

Weakness classification (CWE)

CWE-193 — Off-by-one Error

References

disclosure@vulncheck.com (technical-description, exploit)
disclosure@vulncheck.com (third-party-advisory)

Frequently asked questions

What is CVE-2026-56787?: CVE-2026-56787 is a medium-severity vulnerability in Tomojitakasu Rtklib, classified under Off-by-one Error. CVSS score: 6.5/10. Published 2026-06-25.
How severe is CVE-2026-56787?: Medium severity. CVSS v3 base score is 6.5 out of 10.