Graphviz 2.36 before 10.0.0 has an out-of-bounds read via a crafted config6a file. NOTE: exploitability may be uncommon because this file is typically owned by root. https://nvd.nist.gov/vuln/detail/CVE-2023-46045