CVE-2026-44375— Nerdbank.MessagePack: Attacker-controlled stackalloc in DateTime decoding causes process-terminating StackOverflowException
Possible ATT&CK Techniques 1AI
T1496 · Resource HijackingAffected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| AArnott | Nerdbank.MessagePack | < 1.1.62 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-44375
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Nerdbank.MessagePack: Attacker-controlled stackalloc in DateTime decoding causes process-terminating StackOverflowException
Source: NVD (National Vulnerability Database)
Vulnerability Description
Nerdbank.MessagePack is a NativeAOT-compatible MessagePack serialization library. Prior to 1.1.62, Nerdbank.MessagePack contains an uncontrolled stack allocation vulnerability in DateTime decoding. A malicious MessagePack payload can declare an oversized timestamp extension length, causing the reader to allocate an attacker-controlled number of bytes on the stack. This can trigger a StackOverflowException, which is not catchable by user code and terminates the process. This vulnerability is fixed in 1.1.62.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
未经控制的内存分配
Source: NVD (National Vulnerability Database)
Vulnerability Title
Nerdbank.MessagePack 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Nerdbank.MessagePack是Andrew Arnott个人开发者的一个面向.NET平台的MessagePack序列化库。 Nerdbank.MessagePack 1.1.62之前版本存在安全漏洞,该漏洞源于DateTime解码中存在不受控制的栈分配,恶意MessagePack有效载荷可声明过大的时间戳扩展长度,导致读取器在栈上分配攻击者控制的字节数,触发StackOverflowException并终止进程。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| AArnott | Nerdbank.MessagePack | < 1.1.62 | - |
II. Public POCs for CVE-2026-44375
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
Qwen3.6-35B-A3B · 9558 chars
Paid plan includes:
In-depth vulnerability mechanism
Trigger conditions & impact
Full executable POC code
Exploit chain & mitigation
POC zip download
100+ AI POC generations per month
III. Intelligence Information for CVE-2026-44375
请登录查看更多情报信息。
- https://github.com/AArnott/Nerdbank.MessagePack/pull/941x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2026-44375
IV. Related Vulnerabilities
Same weakness: CWE-789
- CVE-2021-47973
Sticky Notes Widget 3.0.6 Denial of Service via Buffer Overf - CVE-2021-47972
Sticky Notes & Color Widgets 1.4.2 Denial of Service - CVE-2021-47971
My Notes Safe 5.3 Denial of Service via Buffer Overflow - CVE-2021-47970
Macaron Notes 5.5 Denial of Service via Buffer Overflow - CVE-2021-47969
Color Notes 1.4 Denial of Service via Long Character String
V. Comments for CVE-2026-44375
No comments yet