CVE-2026-58012

🗓️ 30 Jun 2026 12:57:21Reported by redhatType

CVE-2026-58012: GLib g_regex_replace may over-read with G_REGEX_RAW and case-change escapes, leaking 1–5 bytes and causing DoS.

Reporter	Title	Published	Views	Family All 7
ATTACKERKB	CVE-2026-58012	30 Jun 202612:57	–	attackerkb
Circl	CVE-2026-58012	30 Jun 202614:21	–	circl
Cvelist	CVE-2026-58012 Glib: buffer over-read in g_regex_replace() via glib/gregex.c:string_append() and g_utf8_next_char()	30 Jun 202612:57	–	cvelist
EUVD	EUVD-2026-40314	30 Jun 202612:57	–	euvd
NVD	CVE-2026-58012	30 Jun 202613:19	–	nvd
Positive Technologies	PT-2026-53871	30 Jun 202600:00	–	ptsecurity
Vulnrichment	CVE-2026-58012 Glib: buffer over-read in g_regex_replace() via glib/gregex.c:string_append() and g_utf8_next_char()	30 Jun 202612:57	–	vulnrichment

Vulners

Node

gnome glibRange≤0

[
  {
    "vendor": "GNOME",
    "product": "GLib",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "2.86.5",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "0",
        "lessThan": "2.88.1",
        "versionType": "semver"
      }
    ],
    "packageName": "GLib",
    "collectionURL": "https://gitlab.gnome.org/GNOME/glib/",
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 10",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "glib2",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:10"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 10",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "mingw-glib2",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:10"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 6",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "glib2",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:6"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "glib2",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "glib2",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "mingw-glib2",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "glib2",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "mingw-glib2",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Hardened Images",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "glib2",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/a:redhat:hummingbird:1"
    ]
  }
]

Source	Link
gitlab	www.gitlab.gnome.org/GNOME/glib/-/issues/3918
access	www.access.redhat.com/security/cve/CVE-2026-58012
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

30 Jun 2026 15:16Current

5.9Medium risk

Vulners AI Score5.9

CVSS 3.16.5

SSVC

CWE-126