glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width

A flaw was found in glibc GNU C Library. This vulnerability occurs when an application uses the scanf family of functions with a %mc format specifier, which is used for dynamically allocating memory for character input, and provides an explicit width greater than 1024. This specific combination c...

Moderate: Red Hat Security Advisory: glibc security update

An update for glibc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

EulerOS Virtualization 2.13.0 : glibc (EulerOS-SA-2026-2399)

According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Calling the scanf family of functions with a %mc malloc'd character match in the GNU C Library version 2.7 to version 2.43 with a...

Security update for glibc

This update for glibc fixes the following issues CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an application bsc1261206. CVE-2026-5450: stdio-common: scanf %mc pattern will cause heap overflow when width 1024 bsc1262465. CVE-2026-5928: libio: ungetwc could...

SUSE-SU-2026:2333-1 Security update for glibc

This update for glibc fixes the following issues - CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an application bsc1261206. - CVE-2026-5450: stdio-common: scanf %mc pattern will cause heap overflow when width 1024 bsc1262465. - CVE-2026-5928: libio: ungetwc...

SUSE-SU-2026:2231-1 Security update for glibc

This update for glibc fixes the following issues - CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an application bsc1261206. - CVE-2026-5450: stdio-common: scanf %mc pattern will cause heap overflow when width 1024 bsc1262465. - CVE-2026-5928: libio: ungetwc...

OESA-2026-2489 glibc security update

The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational...

OESA-2026-2412 glibc security update

The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational...

OESA-2026-2411 glibc security update

The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational...

OESA-2026-2410 glibc security update

The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational...

OESA-2026-2409 glibc security update

The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational...

SUSE-SU-2026:21807-1 Security update for glibc

This update for glibc fixes the following issues - CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an application bsc1261206. - CVE-2026-5450: stdio-common: scanf %mc pattern will cause heap overflow when width 1024 bsc1262465. - CVE-2026-5928: libio: ungetwc...

SUSE-SU-2026:21751-1 Security update for glibc

This update for glibc fixes the following issues - CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an application bsc1261206. - CVE-2026-5450: stdio-common: scanf %mc pattern will cause heap overflow when width 1024 bsc1262465. - CVE-2026-5928: libio: ungetwc...

SUSE-SU-2026:21682-1 Security update for glibc

This update for glibc fixes the following issues - CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an application bsc1261206. - CVE-2026-5450: stdio-common: scanf %mc pattern will cause heap overflow when width 1024 bsc1262465. - CVE-2026-5928: libio: ungetwc...

SUSE-SU-2026:21688-1 Security update for glibc

This update for glibc fixes the following issues - CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an application bsc1261206. - CVE-2026-5450: stdio-common: scanf %mc pattern will cause heap overflow when width 1024 bsc1262465. - CVE-2026-5928: libio: ungetwc...

Fedora 43 : glibc (2026-4b7780802c)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-4b7780802c advisory. This update provides various security fixes. Buffer overflow in scanf %mc CVE-2026-5450 nssprintrrf buffer overreads CVE-2026-6238 nssprintrrf buffe...

SUSE CVE-2026-5450

Calling the scanf family of functions with a %mc malloc'd character match in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 could result in a one byte heap buffer overflow...

CVE-2026-5450

Calling the scanf family of functions with a %mc malloc'd character match in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 could result in a one byte heap buffer overflow...

DEBIAN-CVE-2026-5450

Calling the scanf family of functions with a %mc malloc'd character match in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 could result in a one byte heap buffer overflow...

CVE-2026-5450

Calling the scanf family of functions with a %mc malloc'd character match in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 could result in a one byte heap buffer overflow...