{"id":"OSV-2026-863","summary":"Global-buffer-overflow in cram_decoder_init","details":"OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=519841736\n\n```\nCrash type: Global-buffer-overflow READ 8\nCrash state:\ncram_decoder_init\ncram_decode_compression_header\ncram_next_slice\n```\n","modified":"2026-06-06T00:19:05.280224Z","published":"2026-06-06T00:19:05.279879Z","references":[{"type":"REPORT","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=519841736"}],"affected":[{"package":{"name":"htslib","ecosystem":"OSS-Fuzz","purl":"pkg:generic/htslib"},"ranges":[{"type":"GIT","repo":"https://github.com/samtools/htslib.git","events":[{"introduced":"d926270f580aa64fab4634859d4518d2d7a5dd7e"},{"fixed":"1b3225f11b7bb55781ad7927f3ef343bc810a21d"},{"fixed":"d94071f3dd9613ab66f177e1237660855a56f0ed"}]}],"ecosystem_specific":{"severity":null},"database_specific":{"source":"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/htslib/OSV-2026-863.yaml","introduced_range":"ffa59ef6ed6a09e1d8e2a82a5c69ad85c94b0bad:57e1a0763c9a5f34a1d1ab9deb3a3ad2bd8fe11d","fixed_range":"57e1a0763c9a5f34a1d1ab9deb3a3ad2bd8fe11d:d94071f3dd9613ab66f177e1237660855a56f0ed"}}],"schema_version":"1.7.5"}