
GLib CVE-2026-58014

EUVD: EUVD-2026-40316 · HIGH
Off-by-one Error (CWE-193)
2026-06-30 · secalert@redhat.com · GHSA-h88q-m8mm-7243
CVSS 3.1 (NVD): 8.6

Severity by source

  • Vendor (redhat), PRIMARY: HIGH (qualitative)
  • NVD: 8.6 HIGH, AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
  • vuln.today AI: 6.8 MEDIUM

Trigger is parsing an attacker-supplied key file, so AV:L rather than N; an out-of-bounds read has no integrity impact (I:N), a single leaked byte gives C:L, and the reliable crash gives A:H.

  • CVSS 3.1: AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
  • CVSS 4.0: AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (redhat).

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: Low
  • Integrity: Low
  • Availability: High

Lifecycle Timeline (6 events)

  • Jul 01, 2026 18:16 · vuln.today · Analysis Updated, v3 (cvss_changed)
  • Jul 01, 2026 18:16 · vuln.today · Analysis Updated, v2 (cvss_changed)
  • Jul 01, 2026 18:07 · vuln.today · Re-analysis Queued (cvss_changed)
  • Jul 01, 2026 18:07 · NVD · CVSS changed: 7.3 (HIGH) → 8.6 (HIGH)
  • Jun 30, 2026 16:01 · EUVD · Patch available
  • Jun 30, 2026 13:31 · vuln.today · Analysis Generated

Description (NVD)

A flaw was found in GLib. An off-by-one error can occur in the g_key_file_get_locale_string_list function in the gkeyfile.c file when loading a key file with an empty value. This flaw can cause an out-of-bounds access of 1 byte or a denial of service when the out-of-bounds access crosses a page boundary.

Analysis (AI)

Denial of service (and a 1-byte out-of-bounds read) in GNOME GLib before 2.88.1 arises from an off-by-one error in g_key_file_get_locale_string_list() in gkeyfile.c when a parsed key file contains an empty value. Any application built on GLib that loads attacker-influenced .desktop/.ini-style key files can be crashed if the over-read crosses a page boundary, with a minor information-disclosure component from the single out-of-bounds byte. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

  • Access: Craft key file with empty-value key
  • Delivery: Deliver to GLib-based application
  • Exploit: Application calls g_key_file_get_locale_string_list()
  • Execution: Off-by-one over-read crosses page boundary
  • Impact: Process crash / 1-byte info leak (DoS)

Vulnerability Assessment (AI)

Exploitation: Exploitation requires that a GLib-linked application actually call g_key_file_get_locale_string_list() while parsing an attacker-controlled key file that contains a key with an empty value; that empty-value condition is the specific trigger. … Additional conditions and limiting factors are described in the full assessment.

Risk Assessment: Signals conflict and should be reconciled before treating this as a top-tier emergency. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.

Exploit Scenario: An attacker crafts a key file (e.g., a .desktop or .ini-style config) containing a key with an empty locale string-list value and gets a GLib-based application to load it, for instance via a malicious downloaded launcher, an imported profile, or a config path an application reads automatically. When g_key_file_get_locale_string_list() parses it and the off-by-one over-read lands on a page boundary, the process crashes (DoS); public POC-level exploit code exists per SSVC, though only a partial technical impact is expected.

Remediation: Upgrade GLib to 2.88.1 or later, which contains the upstream fix; the patch is confirmed available from the vendor. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended Action (AI)

Within 24 hours: Inventory systems and applications dependent on GLib, prioritizing GNOME desktop environments and core Linux services. …



CVE-2026-58014 vulnerability details – vuln.today
