MEDIUM SeverityCVSS 3.14.4CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

CVE-2026-7572

Last updated May 06, 2026 · Published May 06, 2026

Description

An off-by-one error (CWE-193) in the ConsumeUnit16Array and ConsumeUnit64Array functions in Velocidex Velociraptor before version 0.76.5 on Windows and Linux allows a local attacker to cause a Denial of Service (DoS) via a process crash by providing a specially crafted .evtx file to the parse_evtx VQL plugin.

Affected products

1 listed

Velocidex:velociraptor

Mappings

CWE

CWE-193

CAPEC

CAPEC-617

Guides

Rate Limiting in Node.jsPatterns for APIs, login endpoints, and abuse control.

Training

API Design That Defends ItselfREST, GraphQL, and gRPC patterns that reduce your attack surface by design.

CVE-2026-7572

Description

Affected products

Mappings

Related