A vulnerability was found in FreeType 2.14.3. It has been rated as problematic. Impacted is the function TT_Get_Var_Design of the file src/truetype/ttgxvar.c of the component GX Variation Handler. The manipulation leads to out-of-bounds read.

This vulnerability is listed as CVE-2026-50811. The attack must be carried out locally. There is no available exploit.