CVE Catalog
CVE-2026-38640
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk0.45%
36th percentile — higher than 36% of all known CVEs
Summary
A reachable unwrap in the __assert_fail function of relibc (commit 61f42d) allows attackers to cause a Denial of Service (DoS) via a crafted string.
Risk Assessment
An attacker can remotely crash applications using the vulnerable version of relibc, leading to service disruption and potential financial or operational losses.
Recommendation
Update relibc to a version containing the fix for commit 61f42d or apply a patch to prevent uncontrolled unwrap in the __assert_fail function.
Original NVD description (English source)
A reachable unwrap in the __assert_fail function (/assert/mod.rs) of relibc commit 61f42d allows attackers to cause a Denial of Service (DoS) via a crafted string.

