CVE-2026-1484 — Out-of-bounds Write in Glib2.0

CWE-787 — Out-of-bounds Write8 documents7 sources

Severity

4.2MEDIUMNVD

EPSS

0.0%

top 95.71%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Glib2.0

Timeline

PublishedJan 27

Latest updateFeb 5

Description

A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrusted or extremely large Base64 input using GLib may crash or behave unpredictably.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:LExploitability: 1.6 | Impact: 2.5

Affected Packages1 packages

▶debiandebian/glib2.0< glib2.0 2.66.8-1+deb11u8 (bullseye)

🔴Vulnerability Details

OSV

glib2.0 vulnerabilities↗2026-02-05

▶

GHSA

GHSA-r2rp-r5cj-6c6x: A flaw was found in the GLib Base64 encoding routine when processing very large input data↗2026-01-27

▶

OSV

CVE-2026-1484: A flaw was found in the GLib Base64 encoding routine when processing very large input data↗2026-01-27

▶

📋Vendor Advisories

Ubuntu

GLib vulnerabilities↗2026-02-05

▶

Red Hat

Glib: Integer Overflow Leading to Buffer Underflow and Out-of-Bounds Write in GLib g_base64_encode()↗2026-01-27

▶

Debian

CVE-2026-1484: glib2.0 - A flaw was found in the GLib Base64 encoding routine when processing very large ...↗2026

▶

🕵️Threat Intelligence

Wiz

CVE-2026-1484 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶