CVE-2026-40355: Unchecked Custom Array Pointer

A pointer returned by a custom offset-based extractor function is mapped and dereferenced in a loop without a validation boundary for NULL. This can lead to a NULL pointer dereference.

Provally CuratedPublic repositoryMediumMedium confidenceVerifiedApache-2.0

C^β

greprules fetch cve-2026-40355-unchecked-custom-array-pointer --engine opengrep

Description

A pointer returned by a custom offset-based extractor function is mapped and dereferenced in a loop without a validation boundary for NULL. This can lead to a NULL pointer dereference.

License: Apache-2.0
Source context: Public repository
Source: Provally CVE rule catalog
Validation status: Verified
Quality signals: 145 downloads
0 direct145 via packs
· 0 stars · Quality score 70How quality works
Included packs: 2 packs

Community feedback

0 signals from signed-in users.

Useful: 0
False positive: 0
Metadata: 0