A memory safety vulnerability in mouse07410/asn1c version 1.4 and earlier affects the OER decoding skeleton files. The vulnerability allows a 1-byte heap out-of-bounds read when parsing maliciously crafted zero-length OER payloads for variable-length, non-negative INTEGER types. The issue occurs in INTEGER_oer.c where the decoder fails to validate required bytes before extracting the Most Significant Bit. This can be exploited by remote attackers to cause denial of service or trigger incorrect integer interpretation in applications processing untrusted network inputs like V2X protocols, 5G telecom headers, or X.509 certificates.