{"id":"OSV-2026-882","summary":"Null-dereference READ in cram_decoder_init","details":"OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=520827587\n\n```\nCrash type: Null-dereference READ\nCrash state:\ncram_decoder_init\ncram_decode_compression_header\ncram_next_slice\n```\n","modified":"2026-06-08T00:04:58.684147Z","published":"2026-06-08T00:04:58.683884Z","references":[{"type":"REPORT","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=520827587"}],"affected":[{"package":{"name":"htslib","ecosystem":"OSS-Fuzz","purl":"pkg:generic/htslib"},"ranges":[{"type":"GIT","repo":"https://github.com/samtools/htslib.git","events":[{"introduced":"d926270f580aa64fab4634859d4518d2d7a5dd7e"},{"fixed":"1b3225f11b7bb55781ad7927f3ef343bc810a21d"},{"fixed":"d94071f3dd9613ab66f177e1237660855a56f0ed"}]}],"ecosystem_specific":{"severity":null},"database_specific":{"introduced_range":"ffa59ef6ed6a09e1d8e2a82a5c69ad85c94b0bad:57e1a0763c9a5f34a1d1ab9deb3a3ad2bd8fe11d","fixed_range":"57e1a0763c9a5f34a1d1ab9deb3a3ad2bd8fe11d:d94071f3dd9613ab66f177e1237660855a56f0ed","source":"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/htslib/OSV-2026-882.yaml"}}],"schema_version":"1.7.5"}