CVE-2026-5435

· NIST NVD ↗

The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write when printing TSIG records.

HIGH
CVSS severity
7.3
CVSS base score
2026-04-28
Published

CWE codes

CWE-787

Affected products

gnu:glibc

Sources