PT-2026-37174 · Grid · Grid

Ksj1230 · Published 2026-04-24 · Updated 2026-05-09 · CVE-2026-42199

CVSS v3.1: 6.2 Medium

Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Grid versions 0.17.0 through 1.0.0
Description: An integer overflow in the expand_rows() function can corrupt the relationship between the grid's logical dimensions and its backing storage. This occurs because the function computes the new backing length using unchecked arithmetic. If the calculation overflows, the backing storage may be resized to a length smaller than required. Consequently, the safe API get() may invoke get_unchecked() with an invalid index, leading to Undefined Behavior, which is a state where the program's behavior is no longer predictable and may result in crashes or denial of service.
Recommendations: Update to version 1.0.1.
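
The failure mode in the description, sketched in Rust as an added example (not the Grid project's code): MiniGrid and its methods are hypothetical, the usize::MAX / 2 input is constructed, and wrapping_add/wrapping_mul stand in for unchecked arithmetic in a build without overflow checks. It contrasts the wrapped backing length with a checked variant that rejects the request before any state changes.

```rust
// Added illustration. MiniGrid is hypothetical; `len` stands in for the
// length of the backing storage so no allocation is needed.
struct MiniGrid {
    rows: usize,
    cols: usize,
    len: usize,
}

impl MiniGrid {
    // Models unchecked arithmetic: the product silently wraps, so the
    // recorded backing length no longer covers rows * cols cells.
    fn expand_rows_wrapping(&mut self, extra: usize) {
        self.rows = self.rows.wrapping_add(extra);
        self.len = self.rows.wrapping_mul(self.cols);
    }

    // Hardened variant: compute both values with checked arithmetic and
    // commit them only if neither step overflowed.
    fn expand_rows_checked(&mut self, extra: usize) -> Result<(), &'static str> {
        let rows = self.rows.checked_add(extra).ok_or("row count overflow")?;
        let len = rows.checked_mul(self.cols).ok_or("backing length overflow")?;
        self.rows = rows;
        self.len = len;
        Ok(())
    }

    // The invariant a bounds-checked get() depends on before it can hand
    // an index to an unchecked accessor: rows * cols == backing length.
    fn invariant_holds(&self) -> bool {
        self.rows.checked_mul(self.cols) == Some(self.len)
    }
}

// Returns (invariant after wrapping path, checked path rejected, invariant after rejection).
fn demo() -> (bool, bool, bool) {
    let extra = usize::MAX / 2; // constructed input
    let mut a = MiniGrid { rows: 2, cols: 4, len: 8 };
    a.expand_rows_wrapping(extra);
    let mut b = MiniGrid { rows: 2, cols: 4, len: 8 };
    let rejected = b.expand_rows_checked(extra).is_err();
    (a.invariant_holds(), rejected, b.invariant_holds())
}

fn main() {
    println!("{:?}", demo());
}
```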

Exploit

Fix

Integer Overflow

Weakness Enumeration

Related Identifiers

CVE-2026-42199
GHSA-38C5-483C-4QQP

Affected Products

Grid