Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

samtools — Vulnerabilities & Security Advisories 12

Browse all 12 CVE security advisories affecting samtools. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Samtools is a suite of utilities for manipulating alignments in the SAM/BAM format, primarily used in genomic data analysis. Historically, it has been susceptible to remote code execution vulnerabilities through crafted input files, as well as memory corruption issues leading to potential denial of service. Privilege escalation risks exist when processing untrusted data. While no major public security incidents have been widely documented, the 12 recorded CVEs highlight ongoing concerns, particularly around buffer overflows and unsafe parsing of binary alignment files. The software's complex parsing of genomic data presents multiple attack surfaces, requiring careful input validation and secure coding practices to mitigate potential exploitation risks.

Top products by samtools: htslib samtools
CVE IDTitleCVSSSeverityPublished
CVE-2026-31973 NULL pointer dereference in samtools cram-size — samtoolsCWE-476 7.5 -2026-03-18
CVE-2026-31972 samtools mpileup has use-after-free leading to an invalid read — samtoolsCWE-416 7.1 -2026-03-18
CVE-2026-31971 HTSlib CRAM decoder vulnerable to buffer overflow — htslibCWE-121 9.8 -2026-03-18
CVE-2026-31970 HTSlib BGZF index file reader has a heap buffer overflow — htslibCWE-122 9.8 -2026-03-18
CVE-2026-31969 HTSlib CRAM decoder has a heap buffer overflow — htslibCWE-122 8.8 -2026-03-18
CVE-2026-31968 HTSlib CRAM decoder vulnerable to buffer overflow — htslibCWE-121 8.2 -2026-03-18
CVE-2026-31967 HTSlib CRAM reader has out-of-bounds read due to improper validation of input — htslibCWE-125 9.8 -2026-03-18
CVE-2026-31966 HTSlib CRAM reader has out-of-bounds read due to improper validation of input — htslibCWE-125 8.2 -2026-03-18
CVE-2026-31965 HTSlib CRAM reader has out-of-bounds reads due to improper validation of input — htslibCWE-125 9.1 -2026-03-18
CVE-2026-31964 HTSlib CRAM decoder has a NULL Pointer Dereference — htslibCWE-476 5.3 -2026-03-18
CVE-2026-31963 HTSlib CRAM reader has heap buffer overflow due to improper validation of input — htslibCWE-122 9.4 -2026-03-18
CVE-2026-31962 HTSlib CRAM reader has heap buffer overflow due to improper validation of input — htslibCWE-122 7.5 -2026-03-18

This page lists every published CVE security advisory associated with samtools. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.