CVE-2026-34353

null · ocaml

CVE-2026-34353: In OCaml through 4.14.3, Bigarray.reshape allows an integer overflow, and resultant reading of arbitrary memory, when un

Description

In OCaml through 4.14.3, Bigarray.reshape allows an integer overflow, and resultant reading of arbitrary memory, when untrusted data is processed.

Affected Products

Vendor	Product	Versions
null	ocaml	0

References

Related News (1 articles)

Tier C

VulDB3d ago

CVE-2026-34353 | OCaml up to 4.14.3 Bigarray.reshape integer overflow

→ No new info (linked only)

CVSS 3.15.9 MEDIUM

VectorCVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N

CISA KEV❌ No

Actively exploited❌ No

CWECWE-190

PublishedMar 27, 2026

Last enriched3d agov2

Trending Score13

Source articles1

Independent1

Info Completeness8/14

Missing: epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2026-28505EXP

Tautulli: RCE via eval() sandbox bypass using lambda nested scope to escape co_names whitelist check

Trending: 63

CRITICALCVE-2026-31804EXP

Tautulli: Unauthenticated pms_image_proxy endpoint proxies arbitrary HTTP requests through the Plex Media Server

Trending: 50

HIGHCVE-2026-32275EXP

Tautulli: Unsanitized JSONP callback parameter allows cross-origin script injection and API key theft

Trending: 47

HIGHCVE-2026-31831EXP

Tautulli: Unauthenticated Path Traversal in `/newsletter/image/images` endpoint

Trending: 47

CRITICALCVE-2026-31799

Tautulli: SQL Injection in get_home_stats API endpoint via unsanitised filter parameters

Trending: 38

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Mar 27, 2026

Discovered by ZDM

Mar 27, 2026

Updated: affectedVersions, severity, cvssEstimate

Mar 27, 2026

Version History

Last enriched 3d ago

v2Tier C3d ago

Updated vendor to 'ocaml', added affected versions 4.14.0, 4.14.1, 4.14.2, changed severity to LOW, and updated CVSS estimate to 4.2.

affectedVersionsseveritycvssEstimate

via VulDB

v13d ago

Initial creation