
1973 matches found

CVE
added 2026/04/20 8:37 p.m., 19 views

CVE-2026-5358

The CVE affects the GNU C Library (glibc) up to version 2.43, where the obsolete nis_local_principal function can overflow a buffer in the data section. This may allow an attacker to spoof a crafted UDP response and overwrite neighboring static data in the requesting application. NIS support is d...

5.9 AI score, 0.0004 EPSS
Exploits: 0
Debian CVE
added 2026/04/20 8:37 p.m., 4 views

CVE-2026-5358

Removed by vendor...

5.7 AI score, 0.0004 EPSS
Exploits: 0
CNNVD
added 2026/04/20 12:00 a.m., 8 views

GNU C Library security vulnerability

The GNU C Library is an open-source, free C-language compiler program published by the GNU community under the LGPL license. Versions of the GNU C Library 2.43 and earlier contained security vulnerabilities. These vulnerabilities stemmed from a buffer overflow in the nis_local_principal function,...

6.1 AI score, 0.0004 EPSS
Exploits: 0, References: 1
Positive Technologies
added 2026/04/20 12:00 a.m., 1 view

PT-2026-33850

Name of the Vulnerable Software and Affected Versions: glibc versions prior to 2.44. Description: The obsolete nis_local_principal function may overflow a buffer in the data section. This allows an attacker to spoof a crafted response to a UDP request generated by this function and overwrite...

9.1 CVSS, 5.5 AI score, 0.0004 EPSS
Exploits: 0, References: 6
CNNVD
added 2026/04/20 12:00 a.m., 7 views

GNU C Library security vulnerability

The GNU C Library is an open-source, free C-language compiler program published by the GNU community under the LGPL license. Versions of the GNU C Library 2.43 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the use of the ungetwc function on character sets with...

7.5 CVSS, 5.8 AI score, 0.00345 EPSS
Exploits: 1, References: 1
Positive Technologies
added 2026/04/20 12:00 a.m., 7 views

PT-2026-33852

Name of the Vulnerable Software and Affected Versions: GNU C Library versions prior to 2.44. Description: Calling the ungetwc function on a FILE stream with wide characters encoded in a character set with overlaps between single byte and multi-byte character encodings can lead to an attempt to read...

9.8 CVSS, 5.3 AI score, 0.00451 EPSS
Exploits: 2, References: 35
Positive Technologies
added 2026/04/20 12:00 a.m., 2 views

PT-2026-33851

Name of the Vulnerable Software and Affected Versions: glibc versions 2.7 through 2.43. Description: Calling the scanf family of functions using a %mc malloc'd character match with a format width specifier that has an explicit width greater than 1024 can lead to a one byte heap buffer overflow...

9.8 CVSS, 5.4 AI score, 0.00451 EPSS
Exploits: 1, References: 37
CNNVD
added 2026/04/20 12:00 a.m., 10 views

GNU C Library security vulnerability

The GNU C Library is an open-source, free C-language compiler program published by the GNU community under the LGPL license. Versions of the GNU C Library from 2.7 to 2.43 contained security vulnerabilities. These vulnerabilities stemmed from the use of %mc and format specifiers with a width...

9.8 CVSS, 5.9 AI score, 0.00451 EPSS
Exploits: 1, References: 1
Tenable Nessus
added 2026/04/17 12:00 a.m., 8 views

Photon OS 5.0: Glibc PHSA-2026-5.0-0824

An update of the glibc package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0824. The text itself is copyright (C) VMware, Inc...

7.5 CVSS, 5.7 AI score, 0.00357 EPSS
Exploits: 1, References: 2
OSV
added 2026/04/15 2:42 p.m., 3 views

SUSE-SU-2026:1369-1 Security update for glibc

This update for glibc fixes the following issues: - CVE-2026-4437: incorrect DNS response parsing via crafted DNS server response bsc1260078. - CVE-2026-4438: invalid DNS hostname returned via gethostbyaddr functions bsc1260082...

7.5 CVSS, 5.8 AI score, 0.00292 EPSS
Exploits: 2, References: 5
OSV
added 2026/04/14 2:17 p.m., 5 views

CLSA-2026-1776176227 glibc: Fix of 2 CVEs

CVE-2026-4437: fix incorrect record counting in getanswerptr that allowed iteration past the answer section boundary in DNS responses - CVE-2026-4438: fix hostname validation checking expectedname instead of namebuffer in getanswerptr, which could return invalid hostnames...

7.5 CVSS, 5.8 AI score, 0.00292 EPSS
Exploits: 2, References: 1
OSV
added 2026/04/09 12:13 p.m., 6 views

SUSE-SU-2026:21039-1 Security update for glibc

This update for glibc fixes the following issues: - CVE-2026-4437: incorrect DNS response parsing via crafted DNS server response bsc1260078. - CVE-2026-4438: invalid DNS hostname returned via gethostbyaddr functions bsc1260082...

7.5 CVSS, 5.8 AI score, 0.00292 EPSS
Exploits: 2, References: 5
Chainguard
added 2026/04/08 1:17 p.m., 5 views

CVE-2026-4046 vulnerabilities

Vulnerabilities for packages: glibc...

7.5 CVSS, 5.9 AI score, 0.00357 EPSS
Exploits: 1
GithubExploit
added 2026/04/06 7:24 p.m., 156 views

Exploit for Out-of-bounds Write in Gnu Glibc

CTT-Vsyslog-Vortex-CVE-2023-6246 CVE-2023-6246 glibc vsyslog...

8.4 CVSS, 7.1 AI score, 0.04794 EPSS
Exploits: 7
Wolfi
added 2026/04/02 7:48 p.m., 6 views

GHSA-935R-RFCH-9MR7 vulnerabilities

Vulnerabilities for packages: glibc...

5.8 AI score
Exploits: 0
Chainguard
added 2026/04/02 7:17 p.m., 2 views

GHSA-935R-RFCH-9MR7 vulnerabilities

Vulnerabilities for packages: glibc...

5.8 AI score
Exploits: 0
EUVD
added 2026/03/30 6:31 p.m., 3 views

EUVD-2026-17144

The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and...

7.5 CVSS, 5.8 AI score, 0.00357 EPSS
Exploits: 1, References: 3
UbuntuCve
added 2026/03/30 6:16 p.m., 3 views

CVE-2026-4046

The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and...

7.5 CVSS, 5.8 AI score, 0.00357 EPSS
Exploits: 1, References: 2
OSV
added 2026/03/30 6:16 p.m., 1 view

UBUNTU-CVE-2026-4046

The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and...

7.5 CVSS, 5.8 AI score, 0.00357 EPSS
Exploits: 1, References: 3
Vulnrichment
added 2026/03/30 5:16 p.m., 2 views

CVE-2026-4046 iconv crash due to assertion failure with untrusted input

The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and...

5.8 AI score, 0.00357 EPSS
Exploits: 1, References: 3