CVE-2026-7572
Published: 06 May 2026
Summary
CVE-2026-7572 is a medium-severity Off-by-one Error (CWE-193) vulnerability in Rapid7 Velociraptor. Its CVSS base score is 4.4 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); ranked at the 3.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-27516
Vulnerability details
An off-by-one error (CWE-193) in the ConsumeUnit16Array and ConsumeUnit64Array functions in Velocidex Velociraptor before version 0.76.5 on Windows and Linux allows a local attacker to cause a Denial of Service (DoS) via a process crash by providing a specially crafted…
more
.evtx file to the parse_evtx VQL plugin.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Off-by-one in local .evtx parser enables crafted input to crash Velociraptor process, directly supporting application exploitation for DoS and impairing defensive tooling.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.