A vulnerability classified as critical has been found in samtools htslib up to 1.21.0/1.22.1/1.23 . This affects an unknown part of the component CRAM Feature . This manipulation causes heap-based buffer overflow. This vulnerability is registered as CVE-2026-31963 . Remote exploitation of the attack is possible. No exploit is available. It is recommended to upgrade the affected component.