CVE-2026-1484

Published: Jan 27, 2026Modified: Jun 2, 2026Deferred

4.2

Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L

Exploitability: 1.6 / Impact: 2.5

Source: secalert@redhat.com (Secondary)

Description

A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrusted or extremely large Base64 input using GLib may crash or behave unpredictably.

Related CWEs

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (4)

https://access.redhat.com/security/cve/CVE-2026-1484

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2433259

Source: secalert@redhat.com

https://gitlab.gnome.org/GNOME/glib/-/issues/3870

Source: secalert@redhat.com

https://cert-portal.siemens.com/productcert/html/ssa-253495.html

Source: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e

Timeline

No history available yet.