Hi All, Here is a vulnerability reported in YARA library by Black Duck software. https://nvd.nist.gov/vuln/detail/CVE-2021-3402 This vulnerability affects all versions before libyara 4.0.4 and it seems osquery uses YARA 4.0.2. Would this vulnerability have an impact on the osquery running on Windows ? Thanks!

There is also https://github.com/osquery/osquery/issues/7123 for this