CVE-2026-3407

Name of the Vulnerable Software and Affected Versions YosysHQ yosys versions prior to 0.63

Description A heap-based buffer overflow exists in YosysHQ yosys due to a flaw in the BLIF File Parser component, specifically within the Yosys::RTLIL::Const::set function located in the kernel/rtlil.h file. This manipulation can be triggered on a local host. The exploit has been publicly disclosed.

Recommendations Apply a patch to address this issue.