CVE-2026-58011
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk26th percentile — higher than 26% of all known CVEs
Summary
A flaw was found in GLib where an out-of-bounds read of 2 bytes occurs in the g_date_time_get_ymd function in glib/gdatetime.c when processing an invalid GDateTime object created by g_date_time_add_full. This can corrupt date output and cause logic errors.
Risk Assessment
The vulnerability may corrupt date output and cause logic errors, potentially leading to a denial of service (DoS) in applications using GLib.
Recommendation
It is recommended to immediately update GLib to a patched version. Monitor official security advisories from your distribution.
Original NVD description (English source)
A flaw was found in GLib. An out-of-bounds read of only 2 bytes can occur in the g_date_time_get_ymd function in the glib/gdatetime.c file when an invalid GDateTime object produced by the g_date_time_add_full function is processed. This flaw can corrupt the date output and potentially cause logic errors that may lead to a denial of service.

