CVE-2026-5358
The CVE affects the GNU C Library (glibc) up to version 2.43, where the obsolete nis_local_principal function can overflow a buffer in the data section. This may allow an attacker to spoof a crafted UDP response and overwrite neighboring static data in the requesting application. NIS support is d...