Velocidex Velociraptor has an off-by-one error

GHSA-6cmp-qv2f-x97x · CVE-2026-7572

Published May 6, 2026 · Modified May 11, 2026

Description

An off-by-one error (CWE-193) in the ConsumeUnit16Array and ConsumeUnit64Array functions in Velocidex Velociraptor before version 0.76.5 on Windows and Linux allows a local attacker to cause a Denial of Service (DoS) via a process crash by providing a specially crafted .evtx file to the parse_evtx VQL plugin.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2026-7572
WEB https://docs.velociraptor.app/announcements/advisories/cve-2026-7572
PACKAGE https://github.com/Velocidex/velociraptor

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes