Loading
HTSlib through 1.10.2 allows out-of-bounds write access in vcf_parse_format (called from vcf_parse and vcf_read).
Use CWE-787, Htslib vendor hub and Htslib product page to widen CVE-2020-36403 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2026-31968, CVE-2026-31963 and CVE-2026-31962 for nearby disclosures in the same product family.