cvedb.io
CVE-2026-56789
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2026-06-25T19:16:45.477 · Last modified 2026-06-26T16:53:38.803

Summary

RTKLIB through 2.4.3 contains a heap buffer overflow vulnerability in the readrnxobsb function in src/rinex.c that allows attackers to trigger memory corruption by failing to clamp satellite count values from RINEX epoch headers. Attackers can craft malicious RINEX files declaring more than 64 satellites per epoch to cause heap buffer overflow writes and out-of-bounds stack reads, crashing RTKLIB-based applications including rnx2rtkp and RTKPOST.

Affected products

rtklib — rtklib

Does this affect you?

Add your gear to cvedb and we'll alert you only when rtklib ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.