CVE-2026-11822

Published: June 13, 2026Last modified: June 19, 2026

Description

SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 page data. Attackers can trigger an out-of-bounds read in fts5LeafSeek() via an attacker-controlled loop bound and a heap buffer overflow write in fts5ChunkIterate() through a crafted continuation page causing an integer underflow, exploitable when an FTS5 MATCH query is executed against the malicious database.

Severity score breakdown

ParameterValue
Base score7.8
Attack VectorLOCAL
Attack complexityLOW
Privileges requiredNONE
User interactionREQUIRED
ScopeUNCHANGED
ConfidentialityHIGH
Integrity impactHIGH
Availability impactHIGH
VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Status

ProductReleasePackageStatus
Alpaquita Linux23 LTSsqliteUnknown (3.40.0-r0)
25 LTSsqliteUnknown (3.49.2-r0)
StreamsqliteFixed (3.53.2-r0)
Hardened Containers23 LTSsqliteUnknown (3.40.0-r0)
25 LTSsqliteUnknown (3.49.2-r0)
StreamsqliteFixed (3.53.2-r0)

References

ON THIS PAGE