CVE-2026-22693 | HarfBuzz up to 12.2.x src/hb-ot-cmap-table.hh create null pointer dereference (GHSA-xvjr-f2r9-c7ww)

A vulnerability identified as problematic has been detected in HarfBuzz up to 12.2.x. This affects the function SubtableUnicodesCache::create of the file src/hb-ot-cmap-table.hh. Performing a manipulation results in null pointer dereference.

This vulnerability is cataloged as CVE-2026-22693. It is possible to initiate the attack remotely. There is no exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More