CVE-2026-55738 is a stack-based buffer overflow in rxi microtar 0.1.0's raw_to_header() function. The vulnerability arises from using strcpy() to copy the 100-byte name and linkname fields of a TAR header without guaranteeing null termination. The POSIX ustar format allows these fields to be fully populated with non-null bytes, enabling a crafted TAR archive to cause strcpy() to read beyond the 512-byte raw header buffer on the stack and write past the destination buffer. This can be triggered remotely by supplying a malicious TAR archive that is opened or parsed via mtar_open(), mtar_read_header(), or mtar_find(), potentially causing a crash or arbitrary code execution. The issue was confirmed using AddressSanitizer.

Successful exploitation allows a remote attacker to cause a stack-based buffer overflow leading to denial of service (application crash) or potentially arbitrary code execution when a crafted TAR archive is processed by the vulnerable functions in microtar 0.1.0.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a fix is available, avoid opening or parsing untrusted TAR archives with microtar 0.1.0. Monitor vendor channels for updates or patches addressing this vulnerability.