{"api_version":"1","generated_at":"2026-06-18T23:59:21+00:00","cve":"CVE-2026-1766","urls":{"html":"https://cve.report/CVE-2026-1766","api":"https://cve.report/api/cve/CVE-2026-1766.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-1766","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-1766"},"summary":{"title":"Localsearch: tracker-miners: gnome localsearch mp3 extractor: denial of service and information disclosure via malformed mp3 files.","description":"A flaw was found in GNOME localsearch (previously known as tracker-miners) MP3 Extractor, specifically within the tracker-extract-mp3 component. This heap buffer overflow vulnerability occurs when processing specially crafted MP3 files containing malformed ID3v2.3 COMM (Comment) tags. An attacker could exploit this by providing a malicious MP3 file, leading to a denial of service (DoS), which causes an application crash, and potentially disclosing sensitive information from the heap memory.","state":"PUBLISHED","assigner":"fedora","published_at":"2026-06-16 02:16:18","updated_at":"2026-06-16 20:27:50"},"problem_types":["CWE-805","CWE-805 Buffer Access with Incorrect Length Value"],"metrics":[{"version":"3.1","source":"nvd@nist.gov","type":"Primary","score":"6.1","severity":"MEDIUM","vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"}},{"version":"3.1","source":"patrick@puiterwijk.org","type":"Secondary","score":"5.6","severity":"MEDIUM","vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H","baseScore":5.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"}},{"version":"3.1","source":"CNA","type":"CVSS","score":"5.6","severity":"MEDIUM","vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H","data":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":5.6,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H","version":"3.1"}}],"references":[{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2435982","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2435982","refsource":"patrick@puiterwijk.org","tags":["Exploit","Third Party Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/security/cve/CVE-2026-1766","name":"https://access.redhat.com/security/cve/CVE-2026-1766","refsource":"patrick@puiterwijk.org","tags":["Third Party Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-1766","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-1766","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","version":"","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","version":"","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","version":"","platforms":[]}],"timeline":[{"source":"CNA","time":"2026-02-02T14:51:08.941Z","lang":"en","value":"Reported to Red Hat."},{"source":"CNA","time":"2026-02-02T11:11:00.000Z","lang":"en","value":"Made public."}],"solutions":[],"workarounds":[{"source":"CNA","title":"","value":"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.","time":"","lang":"en"}],"exploits":[],"credits":[{"source":"CNA","value":"Red Hat would like to thank Fatih Çelik for reporting this issue.","lang":"en"}],"nvd_cpes":[{"cve_year":"2026","cve_id":"1766","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"localsearch","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1766","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"10.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1766","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1766","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"1766","cve":"CVE-2026-1766","epss":"0.001660000","percentile":"0.062060000","score_date":"2026-06-17","updated_at":"2026-06-18 00:11:03"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-1766","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2026-06-16T14:57:47.072293Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-06-16T14:58:07.957Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/o:redhat:enterprise_linux:10"],"defaultStatus":"affected","packageName":"tracker-miners","product":"Red Hat Enterprise Linux 10","vendor":"Red Hat"},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/o:redhat:enterprise_linux:8"],"defaultStatus":"affected","packageName":"tracker-miners","product":"Red Hat Enterprise Linux 8","vendor":"Red Hat"},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/o:redhat:enterprise_linux:9"],"defaultStatus":"affected","packageName":"tracker-miners","product":"Red Hat Enterprise Linux 9","vendor":"Red Hat"}],"credits":[{"lang":"en","value":"Red Hat would like to thank Fatih Çelik for reporting this issue."}],"datePublic":"2026-02-02T11:11:00.000Z","descriptions":[{"lang":"en","value":"A flaw was found in GNOME localsearch (previously known as tracker-miners) MP3 Extractor, specifically within the tracker-extract-mp3 component. This heap buffer overflow vulnerability occurs when processing specially crafted MP3 files containing malformed ID3v2.3 COMM (Comment) tags. An attacker could exploit this by providing a malicious MP3 file, leading to a denial of service (DoS), which causes an application crash, and potentially disclosing sensitive information from the heap memory."}],"metrics":[{"other":{"content":{"namespace":"https://access.redhat.com/security/updates/classification/","value":"Moderate"},"type":"Red Hat severity rating"}},{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":5.6,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H","version":"3.1"},"format":"CVSS"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-805","description":"Buffer Access with Incorrect Length Value","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-06-16T00:34:39.044Z","orgId":"92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5","shortName":"fedora"},"references":[{"tags":["vdb-entry","x_refsource_REDHAT"],"url":"https://access.redhat.com/security/cve/CVE-2026-1766"},{"name":"RHBZ#2435982","tags":["issue-tracking","x_refsource_REDHAT"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2435982"}],"timeline":[{"lang":"en","time":"2026-02-02T14:51:08.941Z","value":"Reported to Red Hat."},{"lang":"en","time":"2026-02-02T11:11:00.000Z","value":"Made public."}],"title":"Localsearch: tracker-miners: gnome localsearch mp3 extractor: denial of service and information disclosure via malformed mp3 files.","workarounds":[{"lang":"en","value":"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}],"x_generator":{"engine":"cvelib 1.8.0"},"x_redhatCweChain":"CWE-805: Buffer Access with Incorrect Length Value"}},"cveMetadata":{"assignerOrgId":"92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5","assignerShortName":"fedora","cveId":"CVE-2026-1766","datePublished":"2026-06-16T00:34:39.044Z","dateReserved":"2026-02-02T14:57:38.934Z","dateUpdated":"2026-06-16T14:58:07.957Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-06-16 02:16:18","lastModifiedDate":"2026-06-16 20:27:50","problem_types":["CWE-805","CWE-805 Buffer Access with Incorrect Length Value"],"metrics":{"cvssMetricV31":[{"source":"patrick@puiterwijk.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H","baseScore":5.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.3,"impactScore":4.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":4.2}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:localsearch:-:*:*:*:*:*:*:*","matchCriteriaId":"4B4D34AC-1B64-4427-86E3-C378F5B3453D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"1766","Ordinal":"1","Title":"Localsearch: tracker-miners: gnome localsearch mp3 extractor: de","CVE":"CVE-2026-1766","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"1766","Ordinal":"1","NoteData":"A flaw was found in GNOME localsearch (previously known as tracker-miners) MP3 Extractor, specifically within the tracker-extract-mp3 component. This heap buffer overflow vulnerability occurs when processing specially crafted MP3 files containing malformed ID3v2.3 COMM (Comment) tags. An attacker could exploit this by providing a malicious MP3 file, leading to a denial of service (DoS), which causes an application crash, and potentially disclosing sensitive information from the heap memory.","Type":"Description","Title":"Localsearch: tracker-miners: gnome localsearch mp3 extractor: de"}]}}}