CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-0943

HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability. Versions before 0.032 contain HarfBuzz 8.4.0 or earlier bundled as hb_src.tar.gz in the source tarball, which is affected by CVE-2026-22693.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 16.7%

CVSS Severity

CVSS v3 Score 7.5

References

https://bugzilla.redhat.com/show_bug.cgi?id=2429296
https://metacpan.org/release/JV/HarfBuzz-Shaper-0.032/changes
https://www.cve.org/CVERecord?id=CVE-2026-22693

Products affected by CVE-2026-0943

Jv » Harfbuzz: » Version: Any

cpe:2.3:a:jv:harfbuzz:

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-0943

Products

Pricing

Contact Us