{"id":"CLEANSTART-2026-TC95380","summary":"vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device","details":"Multiple security vulnerabilities affect the clamav package. A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. See references for individual vulnerability details.","modified":"2026-02-17T13:15:34.066122Z","published":"2026-02-06T01:06:01.062694Z","upstream":["CVE-2017-11423","CVE-2017-12374","CVE-2017-12375","CVE-2017-12376","CVE-2017-12377","CVE-2017-12378","CVE-2017-12379","CVE-2017-12380","CVE-2017-16932","CVE-2017-6419","CVE-2018-0202","CVE-2018-0360","CVE-2018-0361","CVE-2018-1000085","CVE-2018-14680","CVE-2018-14681","CVE-2018-14682","CVE-2019-12625","CVE-2019-15961","CVE-2019-1787","CVE-2019-1788","CVE-2019-1789","CVE-2020-3123","CVE-2020-3327","CVE-2020-3341","CVE-2020-3350","CVE-2020-3481","CVE-2021-1252","CVE-2021-1404","CVE-2021-1405","CVE-2022-20698","CVE-2022-48579","CVE-2023-20052","CVE-2023-20197","CVE-2024-20290","CVE-2024-20328"],"database_specific":{},"references":[{"type":"ADVISORY","url":"https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-TC95380.json"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2017-11423"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2017-12374"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2017-12375"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2017-12376"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2017-12377"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2017-12378"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2017-12379"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2017-12380"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2017-16932"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2017-6419"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2018-0202"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2018-0360"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2018-0361"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2018-1000085"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2018-14680"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2018-14681"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2018-14682"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2019-12625"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2019-15961"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2019-1787"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2019-1788"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2019-1789"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2020-3123"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2020-3327"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2020-3341"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2020-3350"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2020-3481"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2021-1252"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2021-1404"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2021-1405"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2022-20698"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2022-48579"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2023-20052"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2023-20197"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2024-20290"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2024-20328"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-11423"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-12374"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-12375"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-12376"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-12377"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-12378"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-12379"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-12380"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16932"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6419"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0202"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0360"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0361"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1000085"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14680"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14681"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14682"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12625"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-15961"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1787"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1788"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1789"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-3123"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-3327"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-3341"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-3350"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-3481"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-1252"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-1404"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-1405"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-20698"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48579"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-20052"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-20197"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-20290"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-20328"}],"affected":[{"package":{"name":"clamav","ecosystem":"CleanStart"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.2-r0"}]}],"database_specific":{"source":"https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-TC95380.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}