{"id":"OSV-2026-371","summary":"Heap-buffer-overflow in tinyobj::tryParseDouble","details":"OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=490598877\n\n```\nCrash type: Heap-buffer-overflow READ 1\nCrash state:\ntinyobj::tryParseDouble\ntinyobj::LoadObjInternal\ntinyobj::LoadObj\n```\n","modified":"2026-03-22T14:18:51.363393Z","published":"2026-03-09T00:09:41.689616Z","references":[{"type":"REPORT","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=490598877"}],"affected":[{"package":{"name":"tinyobjloader","ecosystem":"OSS-Fuzz","purl":"pkg:generic/tinyobjloader"},"ranges":[{"type":"GIT","repo":"https://github.com/tinyobjloader/tinyobjloader","events":[{"introduced":"f27721f3c9cd20af4d4eee789431b92d0e0c4477"},{"fixed":"966edceaf8cdca7996c4e9a1c5ced2938de63366"}]}],"ecosystem_specific":{"severity":"MEDIUM"},"database_specific":{"source":"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/tinyobjloader/OSV-2026-371.yaml"}}],"schema_version":"1.7.5"}