The GNU C Library — Vulnerabilities & Security Advisories 21

Browse all 21 CVE security advisories affecting The GNU C Library. AI-powered Chinese analysis, POCs, and references for each vulnerability.

The GNU C Library serves as the fundamental implementation of the standard C library for the Linux operating system, providing essential system calls and functions required by nearly all user-space applications. Historically, its widespread adoption has made it a frequent target for critical vulnerabilities, particularly those involving buffer overflows, integer overflows, and memory corruption issues that can lead to remote code execution or privilege escalation. While it does not typically suffer from web-specific flaws like cross-site scripting, its core role in handling input parsing and memory management has resulted in significant incidents, such as the GHOST vulnerability, which allowed attackers to execute arbitrary code through a simple function call. With numerous CVEs on record, the library remains a critical component where security patches are vital for maintaining system integrity across diverse Linux distributions.

Top products by The GNU C Library: glibc
| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2026-6238 | Buffer overread in ns_printrrf with corrupted RDATA field — glibc | CWE-126 | 8.2 (AI) | High (AI) | 2026-04-28 |
| CVE-2026-5435 | Potential buffer overflow in ns_sprintrrf TSIG handling path — glibc | CWE-787 | 9.8 (AI) | Critical (AI) | 2026-04-28 |
| CVE-2026-5450 | scanf %mc off-by-one heap buffer overflow — glibc | CWE-122 | 9.8 (AI) | Critical (AI) | 2026-04-20 |
| CVE-2026-5928 | Potential buffer under-read in ungetwc — glibc | CWE-127 | 9.1 (AI) | Critical (AI) | 2026-04-20 |
| CVE-2026-4046 | iconv crash due to assertion failure with untrusted input — glibc | CWE-617 | 7.5 | - | 2026-03-30 |
| CVE-2026-4438 | gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames — glibc | CWE-20 | 4.3 | - | 2026-03-20 |
| CVE-2026-4437 | gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response — glibc | CWE-125 | 7.5 | - | 2026-03-20 |
| CVE-2026-3904 | GNU C Library security vulnerability — glibc | CWE-366 | 6.8 (AI) | Medium (AI) | 2026-03-11 |
| CVE-2025-15281 | wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory — glibc | CWE-908 | 7.5 (AI) | High (AI) | 2026-01-20 |
| CVE-2026-0915 | getnetbyaddr and getnetbyaddr_r leak stack contents to DNS resolver — glibc | CWE-908 | 7.5 (AI) | High (AI) | 2026-01-15 |
| CVE-2026-0861 | Integer overflow in memalign leads to heap corruption — glibc | CWE-190 | 9.8 (AI) | Critical (AI) | 2026-01-14 |
| CVE-2025-8058 | GNU C Library security vulnerability — glibc | CWE-415 | 9.8 | - | 2025-07-23 |
| CVE-2025-5745 | GNU C Library security vulnerability — glibc | | 9.4 | - | 2025-06-05 |
| CVE-2025-5702 | GNU C Library security vulnerability — glibc | | 9.4 | - | 2025-06-05 |
| CVE-2025-4802 | GNU C Library security vulnerability — glibc | CWE-426 | 7.5 (AI) | High (AI) | 2025-05-16 |
| CVE-2025-0395 | GNU C Library security vulnerability — glibc | CWE-131 | 9.8 | - | 2025-01-22 |
| CVE-2024-33602 | nscd: netgroup cache assumes NSS callback uses in-buffer strings — glibc | CWE-466 | 8.4 | - | 2024-05-06 |
| CVE-2024-33601 | nscd: netgroup cache may terminate daemon on memory allocation failure — glibc | CWE-617 | 6.2 | - | 2024-05-06 |
| CVE-2024-33600 | nscd: Null pointer crashes after notfound response — glibc | CWE-476 | 7.5 | - | 2024-05-06 |
| CVE-2024-33599 | nscd: Stack-based buffer overflow in netgroup cache — glibc | CWE-121 | 9.8 (AI) | Critical (AI) | 2024-05-06 |
| CVE-2024-2961 | GNU C Library security vulnerability — glibc | CWE-787 | 9.1 (AI) | Critical (AI) | 2024-04-17 |

This page lists every published CVE security advisory associated with The GNU C Library. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.