CVE-2026-7572 | Velocidex Velociraptor up to 0.76.4 on Windows VQL Plugin parse_evtx off-by-one

Inserito da Angelo Barbosa | Mag 6, 2026 | CVE

A vulnerability classified as problematic was found in Velocidex Velociraptor up to 0.76.4 on Windows. This affects the function parse_evtx of the component VQL Plugin. Executing a manipulation can lead to off-by-one.

This vulnerability is registered as CVE-2026-7572. The attack needs to be launched locally. No exploit is available.

Upgrading the affected component is advised.

CVE-2026-7572 | Velocidex Velociraptor up to 0.76.4 on Windows VQL Plugin parse_evtx off-by-one

Post correlati

CVE-2025-24598 | brandtoss WP Mailster Plugin up to 1.8.17.0 on WordPress cross site scripting

CVE-2025-13967 | Woodpecker Plugin up to 3.0.4 on WordPress Shortcode form_name cross site scripting

CVE-2024-11094 | 404 Solution Plugin up to 2.35.17 on WordPress information disclosure

CVE-2024-9253 | Foxit PDF Reader AcroForm out-of-bounds (ZDI-24-1305)