{"id":"OSV-2026-589","summary":"Heap-double-free in coap_new_oscore_conf","details":"OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=503812134\n\n```\nCrash type: Heap-double-free\nCrash state:\ncoap_new_oscore_conf\noscore_conf_parse_target.c\ncoap_new_oscore_conf\n```\n","modified":"2026-04-19T00:09:04.853106Z","published":"2026-04-19T00:09:04.852781Z","references":[{"type":"REPORT","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=503812134"}],"affected":[{"package":{"name":"libcoap","ecosystem":"OSS-Fuzz","purl":"pkg:generic/libcoap"},"ranges":[{"type":"GIT","repo":"https://github.com/obgm/libcoap.git","events":[{"introduced":"77929465d3fd497574adf5941f5558e8c2eb7a06"},{"fixed":"e4297c9c890ddb2480bf598b4207169c0271ae30"},{"fixed":"783b5317caf30397df392228d67969af579fa03b"}]}],"ecosystem_specific":{"severity":"HIGH"},"database_specific":{"introduced_range":"e766f053c2cf90aaf181f0f458e77905d462413c:24d146d55327507b2107941a134795c9a7be13ef","source":"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libcoap/OSV-2026-589.yaml","fixed_range":"3f4d08f964248363bbf192a7af1e59303429e561:783b5317caf30397df392228d67969af579fa03b"}}],"schema_version":"1.7.5"}