CRITICALCVE-2026-5450Published Modified CNA glibc
CVE-2026-5450: scanf %mc off-by-one heap buffer overflow
Calling the scanf family of functions with a %mc (malloc'd character match) in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 could result in a one byte heap buffer overflow.
Metrics
- CVSS v3.1
- 9.8
- Severity
- CRITICAL
- Fixed in
- *
- Affected Products
- 1
Fix available
*
Affected packages
- The GNU C Library / glibc< * (from 2.7)
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HReferences