{"id":"CVE-2026-53689","details":"libnfs through 6.0.2 before 55c18ea does not validate a string size, leading to an integer overflow during a connection to a crafted NFS server. This occurs in libnfs_zdr_string in lib/libnfs-zdr.c.","modified":"2026-07-15T01:49:14.948483819Z","published":"2026-06-10T13:44:28.272Z","related":["SUSE-SU-2026:22363-1","SUSE-SU-2026:22447-1","SUSE-SU-2026:2760-1","openSUSE-SU-2026:11246-1","openSUSE-SU-2026:21055-1"],"database_specific":{"cna_assigner":"mitre","cwe_ids":["CWE-1284"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53689.json","unresolved_ranges":[{"extracted_events":[{"fixed":"55c18ea33a83d667f79f0ef209c96895795c729f"}],"source":"AFFECTED_FIELD"},{"extracted_events":[{"fixed":"55c18ea"}],"source":"DESCRIPTION"}]},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53689.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-53689"},{"type":"FIX","url":"https://github.com/sahlberg/libnfs/commit/55c18ea33a83d667f79f0ef209c96895795c729f"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/sahlberg/libnfs","events":[{"introduced":"0"},{"fixed":"18c5c73ee88bb7dc8da0d55dc95164bb77e49dc6"},{"fixed":"55c18ea33a83d667f79f0ef209c96895795c729f"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"fixed":"6.0.2"}],"source":["DESCRIPTION","REFERENCES"]}}],"versions":["libnfs-6.0.2","libnfs-6.0.1","libnfs-6.0.0","libnfs-5.0.3","libnfs-5.0.0","libnfs-5.0.2","libnfs-5.0.1","libnfs-4.0.0","libnfs-3.0.0","libnfs-2.0.0","libnfs-1.11.0","libnfs-1.10.0","libnfs-1.9.8","libnfs-1.9.7","libnfs-1.9.6","libnfs-1.9.5","libnfs-1.9.4","libnfs-1.9.3","libnfs-1.9.2","libnfs-1.9.0","libnfs-1.8.0","libnfs-1.7.0","libnfs-1.6.0","libnfs-1.5.0","libnfs-1.4.0","libnfs-1.3.0","libnfs-1.2.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53689.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L"}]}