CVE-2026-56789 | THREATINT

Description

RTKLIB through 2.4.3 contains a heap buffer overflow vulnerability in the readrnxobsb function in src/rinex.c that allows attackers to trigger memory corruption by failing to clamp satellite count values from RINEX epoch headers. Attackers can craft malicious RINEX files declaring more than 64 satellites per epoch to cause heap buffer overflow writes and out-of-bounds stack reads, crashing RTKLIB-based applications including rnx2rtkp and RTKPOST.

PUBLISHED Reserved 2026-06-23 | Published 2026-06-25 | Updated 2026-06-25 | Assigner VulnCheck

HIGH: 7.1CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

MEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Problem types

Heap-based Buffer Overflow

Product status

Default status

unaffected

Any version

affected

Credits

FuzzingLabs finder

References

github.com/tomojitakasu/RTKLIB/issues/796 (Researcher Disclosure) technical-description exploit

www.vulncheck.com/...a-oversized-rinex-epoch-satellite-count third-party-advisory

cve.org (CVE-2026-56789)

nvd.nist.gov (CVE-2026-56789)

Download JSON