cbcvebase.
CVE-2026-0810
published 2026-01-26

CVE-2026-0810: A flaw was found in gix-date. The `gix_date::parse::TimeBuf::as_str` function can generate strings containing invalid non-UTF8 characters. This issue violates…

PriorityP430high7.1CVSS 3.1
AVLACLPRLUINSUCNIHAH
EPSS
0.19%
9.1th percentile
A flaw was found in gix-date. The `gix_date::parse::TimeBuf::as_str` function can generate strings containing invalid non-UTF8 characters. This issue violates the internal safety invariants of the `TimeBuf` component, leading to undefined behavior when these malformed strings are subsequently processed. This could potentially result in application instability or other unforeseen consequences.

Affected

5 ranges
VendorProductVersion rangeFixed in
debianrust-gix-date
gitoxidelabsgitoxide< 0.12.00.12.0
gitoxidelabsgix-date< 0.12.00.12.0
gitoxidelabsgix-date>= 0 < 0.12.00.12.0
gitoxidelabsgix-date>= 0.0.0-0 < 0.12.00.12.0

CVSS provenance

nvdv3.17.1HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
osv7.1HIGH
vendor_debian7.1HIGH
vendor_redhat7.1HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.