5.4
CVE-2026-1489
- EPSS 0.33%
- Veröffentlicht 27.01.2026 14:26:47
- Zuletzt bearbeitet 02.06.2026 14:16:45
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Glib: glib: memory corruption via integer overflow in unicode case conversion
A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker could trigger an undersized memory allocation, resulting in out-of-bounds writes. This could cause applications utilizing GLib for string conversion to crash or become unstable.
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
HerstellerSiemens
≫
Produkt
RUGGEDCOM RST2428P
Default Statusunknown
Version
0
Version <
V4.0
Status
affected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.33% | 0.241 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secalert@redhat.com | 5.4 | 2.8 | 2.5 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.
https://access.redhat.com/security/cve/CVE-2026-1489
https://bugzilla.redhat.com/show_bug.cgi?id=2433348
https://gitlab.gnome.org/GNOME/glib/-/issues/3872
https://cert-portal.siemens.com/productcert/html/ssa-253495.html