Fortify indicates that this is an out of bounds read:

```c
if (strncmp("test string", "less than 32 char", 32) == 0)
{
    ...
}
```
It says that the function reads data from outside the bounds of `"less than 32 char"`.

Is there really a finding if `strncmp` goes beyond 32 chars and the second string is less than 32 chars?
TL;DR - `strncmp()` will keep comparing the string elements until either the end of either string or 32 elements (characters), whichever is fewer. A(ny) string is always null-terminated and upon encountering the null terminator, no further comparison is performed. Your code is safe.
Quoting C11, chapter §7.24.4.4 (emphasis mine):

```c
int strncmp(const char *s1, const char *s2, size_t n);
```

> The `strncmp` function compares not more than *n* characters (characters that follow a null character are not compared) from the array pointed to by *s1* to the array pointed to by *s2*.
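To make the bound visible, here is an added example (not code from the question or the answer) that models the §7.24.4.4 rule and reports how many array positions are actually touched for the literals from the question; `model_strncmp`, `chars_examined` and `model_matches_libc` are names chosen for this example. It shows that the read stops at the first null byte in either operand, so an `n` larger than the string length never reaches past a null-terminated string.

```c
#include <stddef.h>
#include <string.h>

/* Reference model of C11 §7.24.4.4 (added example, not libc's code):
 * compare at most n characters, stopping at the first null terminator
 * in either operand. *scanned receives how many positions were read. */
static int model_strncmp(const char *s1, const char *s2, size_t n, size_t *scanned)
{
    size_t i = 0;
    int result = 0;
    while (i < n) {
        unsigned char c1 = (unsigned char)s1[i];
        unsigned char c2 = (unsigned char)s2[i];
        i++;                                   /* this position was read */
        if (c1 != c2) {
            result = (c1 < c2) ? -1 : 1;       /* first difference decides */
            break;
        }
        if (c1 == '\0')                        /* equal and both at '\0': done */
            break;
    }
    if (scanned)
        *scanned = i;
    return result;
}

/* Number of array positions examined in each operand for a given call. */
size_t chars_examined(const char *a, const char *b, size_t n)
{
    size_t scanned;
    (void)model_strncmp(a, b, n, &scanned);
    return scanned;
}

/* 1 if the model agrees in sign with the platform's strncmp, else 0. */
int model_matches_libc(const char *a, const char *b, size_t n)
{
    int lib = strncmp(a, b, n);
    int mod = model_strncmp(a, b, n, NULL);
    int lib_sign = (lib > 0) - (lib < 0);
    return lib_sign == mod;
}
```

For the question's call the first characters already differ (`'t'` vs `'l'`), so only one position of each literal is read; even two identical 11-character strings read only 12 positions (the characters plus the terminator) despite `n = 32`.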