{"id":"CVE-2023-26923","details":"Musescore 3.0 to 4.0.1 has a stack buffer overflow vulnerability that occurs when reading misconfigured midi files. If attacker can additional information, attacker can execute arbitrary code.","modified":"2026-03-14T12:05:20.630334Z","published":"2023-03-28T15:15:06.933Z","references":[{"type":"REPORT","url":"https://github.com/musescore/MuseScore/issues/16346"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/musescore/MuseScore","events":[{"introduced":"c1a5e4c882b9687fead02a017513f17b6c1521a3"},{"last_affected":"9b70a8cb28c5bbeba4f1ef5610f504c2080b9ee4"}],"database_specific":{"versions":[{"introduced":"3.0"},{"last_affected":"4.0.1"}]}}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-26923.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}