ByteOS Network

harfbuzz\

Source -

NVD

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

1Vulnerabilities found

CVE-2026-0943

Assigner-CPAN Security Group

View Details

Assigner-CPAN Security Group

CVSS Score-7.5||HIGH

EPSS-0.05% / 16.75%

7 Day CHG~0.00%

Published-19 Jan, 2026 | 02:46

Updated-04 Mar, 2026 | 14:48

HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability

HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability. Versions before 0.032 contain HarfBuzz 8.4.0 or earlier bundled as hb_src.tar.gz in the source tarball, which is affected by CVE-2026-22693.

Vendor-jv JV

Product-harfbuzz\HarfBuzz::Shaper

CWE ID-CWE-476

NULL Pointer Dereference

CWE ID-CWE-1395

Dependency on Vulnerable Third-Party Component