Loading market data...
← Back to CVE feed

CVE-2026-56789

MEDIUM CVSS 6.5 View on NVD ↗

Description

RTKLIB through 2.4.3 contains a heap buffer overflow vulnerability in the readrnxobsb function in src/rinex.c that allows attackers to trigger memory corruption by failing to clamp satellite count values from RINEX epoch headers. Attackers can craft malicious RINEX files declaring more than 64 satellites per epoch to cause heap buffer overflow writes and out-of-bounds stack reads, crashing RTKLIB-based applications including rnx2rtkp and RTKPOST.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products

rtklib/rtklib
Published: Jun 25, 2026 19:16 UTC Modified: Jun 26, 2026 16:53 UTC