๐Ÿ” CVE Alert

CVE-2026-34353

MEDIUM 5.9
CVSS Score
5.9
EPSS Score
0.0%
EPSS Percentile
2th

In OCaml through 4.14.3, Bigarray.reshape allows an integer overflow, and resultant reading of arbitrary memory, when untrusted data is processed.

CWE CWE-190
Vendor ocaml
Product ocaml
Published Mar 27, 2026
Last Updated Mar 27, 2026
Stay Ahead of the Next One

Get instant alerts for ocaml ocaml

Be the first to know when new medium vulnerabilities affecting ocaml ocaml are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
None
Availability
None

Affected Versions

OCaml / OCaml
0 โ‰ค 4.14.3

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
github.com: https://github.com/ocaml/ocaml/issues/14655 github.com: https://github.com/ocaml/ocaml/pull/14674