Velocidex Velociraptor has an off-by-one error
Moderate severity
GitHub Reviewed
Published
May 6, 2026
to the GitHub Advisory Database
•
Updated May 11, 2026
Package
Affected versions
< 0.76.5
Patched versions
0.76.5
Description
Published by the National Vulnerability Database
May 6, 2026
Published to the GitHub Advisory Database
May 6, 2026
Reviewed
May 11, 2026
Last updated
May 11, 2026
An off-by-one error (CWE-193) in the ConsumeUnit16Array and ConsumeUnit64Array functions in Velocidex Velociraptor before version 0.76.5 on Windows and Linux allows a local attacker to cause a Denial of Service (DoS) via a process crash by providing a specially crafted .evtx file to the parse_evtx VQL plugin.
References