YARA

v4.5.5 Security

This release includes 1 security fix relevant to security teams reviewing exposed deployments.

Summary

AI summary

Added Windows --no-follow-symlinks option; fixed infinite loop parsing corrupt PE resource directories; reverted YR_RE_SCAN_LIMIT to 4096; improved all-matches string detection; and patched a heap overflow vulnerability when loading hand-crafted compiled rules.

Breaking Changes

  • YR_RE_SCAN_LIMIT reverted to 4096 — any workflows or rules that relied on the previously increased limit may behave differently or fail to match as expected.

Security Fixes

  • Heap overflow when loading hand-crafted compiled rules (CVE not assigned in changelog, reported by Momoko Shiraishi, #2178)

About YARA

The pattern matching swiss knife
