CVE-2026-7572 | Velocidex Velociraptor up to 0.76.4 on Windows VQL Plugin parse_evtx off-by-one (EUVD-2026-27516)

A vulnerability classified as problematic was found in Velocidex Velociraptor up to 0.76.4 on Windows. This affects the function parse_evtx of the component VQL Plugin. Executing a manipulation can lead to off-by-one.

This vulnerability is registered as CVE-2026-7572. The attack needs to be launched locally. No exploit is available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More