Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Freetype: Out-of-bounds read in OpenType variable fonts
OESA-2026-1577
Summary
A security update is available for Freetype, a font rendering library, to fix a weakness that could allow attackers to read sensitive information from memory. Affected users should update to version 2.14.2 to prevent this issue. This update is available and should be applied as soon as possible.
What to do
- Update freetype to version 2.13.2-5.oe2403sp3.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | freetype | <= 2.13.2-5.oe2403sp3 | 2.13.2-5.oe2403sp3 |
Original title
freetype security update
Original description
FreeType is written in C, designed to be small,efficient, highly customizable, and portable while capable of producing high-quality output (glyph images) of most vector and bitmap font formats
Security Fix(es):
An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2.(CVE-2026-23865)
Security Fix(es):
An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2.(CVE-2026-23865)
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA... Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-23865 Vendor Advisory
Published: 15 Mar 2026 · Updated: 15 Mar 2026 · First seen: 15 Mar 2026