CVE-2026-24799

MEDIUM

davisking dlib <19.24.9 - Buffer Overflow

Title source: llm

Description

Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in davisking dlib (dlib/external/zlib modules). This vulnerability is associated with program files inflate.C. This issue affects dlib: before v19.24.9.

References (1)

[Issue Tracking] https://github.com/davisking/dlib/pull/3063

Scores

CVSS v4 5.2

EPSS 0.0002

EPSS Percentile 5.9%

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:L/VA:H/SC:N/SI:L/SA:L/S:N/AU:Y/R:U/V:C/RE:L/U:Amber

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-120 CWE-787

Status published

Products (1)

davisking/dlib < v19.24.9

Published Jan 27, 2026

Tracked Since Feb 18, 2026