← العودة للجدول
CVE-2026-54559
CVE-2026-54559 — PocketSphinx: Buffer overflows in language and acoustic model loading code
📅 2026-07-18
🟡 Medium 🔥 PoC Only GHSA PoC Research Vulnerability

📋 الوصف الكامل

### Impact The trie language model code introduced in PocketSphinx 5prealpha failed to check various boundary conditions when reading the headers of ARPA, DMP, and binary format language model files. In the case of invalid, corrupted or malicious input files, this could lead to stack and heap buffer overflows. In addition, the acoustic model loading code (which is over 30 years old...) contains

💻 الأنظمة المتأثرة

⚠️ نوع التهديد

PoC Research

🔗 CVE ID

CVE-2026-54559

📡 المصدر

GHSA

✅ الحلول والتخفيف

Update to v5.1.1

🔗 المصدر الأصلي ← 📘 NVD ← ⚡ CISA KEV ← 🔍 Valters IT ←