ГлавнаяУязвимости → CVE-2026-56770
7.5высокая

CVE-2026-56770

Описание

libais through 0.15 VdmStream::AddLine uses an unchecked sentinel value as a vector index when processing AIS sentences with empty or out-of-range sequential message IDs. Remote attackers can crash services or vessel systems by sending crafted AIVDM sentences over VHF marine radio or IP feeds, causing out-of-bounds memory access and potential corruption.

CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Источники
https://github.com/schwehr/libais/issues/263https://www.vulncheck.com/advisories/libais-out-of-bounds-vector-access-in-vdmstream-addline-via-invalid-sequential-message-id