Low severity2.8NVD Advisory· Published Jan 27, 2026· Updated Apr 15, 2026

CVE-2026-1485

Description

A flaw was found in Glib's content type parsing logic. This buffer underflow vulnerability occurs because the length of a header line is stored in a signed integer, which can lead to integer wraparound for very large inputs. This results in pointer underflow and out-of-bounds memory access. Exploitation requires a local user to install or process a specially crafted treemagic file, which can lead to local denial of service or application instability.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

access.redhat.com/security/cve/CVE-2026-1485nvd
bugzilla.redhat.com/show_bug.cginvd
gitlab.gnome.org/GNOME/glib/-/issues/3871nvd

News mentions

No linked articles in our index yet.

cvss	0.182
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000