CVE Catalog

CVE-2026-58011

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.34%

26th percentile — higher than 26% of all known CVEs

Summary

A flaw was found in GLib where an out-of-bounds read of 2 bytes occurs in the g_date_time_get_ymd function in glib/gdatetime.c when processing an invalid GDateTime object created by g_date_time_add_full. This can corrupt date output and cause logic errors.

Risk Assessment

The vulnerability may corrupt date output and cause logic errors, potentially leading to a denial of service (DoS) in applications using GLib.

Recommendation

It is recommended to immediately update GLib to a patched version. Monitor official security advisories from your distribution.

Original NVD description (English source)

A flaw was found in GLib. An out-of-bounds read of only 2 bytes can occur in the g_date_time_get_ymd function in the glib/gdatetime.c file when an invalid GDateTime object produced by the g_date_time_add_full function is processed. This flaw can corrupt the date output and potentially cause logic errors that may lead to a denial of service.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS