Description

A flaw was found in glib-networking. A malicious Transport Layer Security (TLS) server can exploit an out-of-bounds read and invalid free vulnerability when a client using the OpenSSL backend connects. By advertising a specially crafted client-CA list, the server can trigger an issue where memory is accessed outside of its allocated buffer and subsequently freed incorrectly. This can lead to a denial-of-service and potentially disclose limited heap memory.

INFO

Published Date :

Last Modified :

Source :

AFFECTED PRODUCTS

The following products are affected by CVE-2026-2574 vulnerability.

Vendors Products
Gnome
  • Glib-networking
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-2574.

URL Resource
https://nvd.nist.gov/vuln/detail/CVE-2026-2574 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-2574 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact