CVE-2026-3407 | YosysHQ yosys up to 0.62 BLIF File Parser kernel/rtlil.h Yosys::RTLIL::Const::set heap-based overflow

A vulnerability identified as problematic has been detected in YosysHQ yosys up to 0.62. This affects the function Yosys::RTLIL::Const::set of the file kernel/rtlil.h of the component BLIF File Parser. This manipulation causes heap-based buffer overflow.

This vulnerability is handled as CVE-2026-3407. It is possible to launch the attack on the local host. Additionally, an exploit exists.

Applying a patch is the recommended action to fix this issue.

It appears that the issue is not reproducible all the time.

CVE-2026-3407 | YosysHQ yosys up to 0.62 BLIF File Parser kernel/rtlil.h Yosys::RTLIL::Const::set heap-based overflow

Post correlati

CVE-2024-5837 | Google Chrome prior 126.0.6478.54 V8 type confusion (ID 342415)

CVE-2024-53872 | NVIDIA CUDA Toolkit ELF File out-of-bounds

CVE-2024-9802 | Open Mainframe Project Zowe up to 2.16.x Conformance Validation Endpoint information disclosure

CVE-2024-39685 | FishAudio Bert-VITS2 up to 2.3 resample data_dir os command injection (GHSL-2024-045)