Medium severity5.4NVD Advisory· Published Jan 27, 2026· Updated Jun 2, 2026
CVE-2026-1489
CVE-2026-1489
Description
A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker could trigger an undersized memory allocation, resulting in out-of-bounds writes. This could cause applications utilizing GLib for string conversion to crash or become unstable.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
19- osv-coords18 versionspkg:rpm/opensuse/glib2&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/glib2&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/glib2&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/glib2-doc&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/glib2-doc&distro=openSUSE%20Leap%2016.0pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSSpkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Micro%206.2pkg:rpm/suse/glib2-doc&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/glib2-doc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0
< 2.78.6-150600.4.35.1+ 17 more
- (no CPE)range: < 2.78.6-150600.4.35.1
- (no CPE)range: < 2.84.4-160000.2.1
- (no CPE)range: < 2.86.3-3.1
- (no CPE)range: < 2.78.6-150600.4.35.1
- (no CPE)range: < 2.84.4-160000.2.1
- (no CPE)range: < 2.62.6-150200.3.42.1
- (no CPE)range: < 2.78.6-150600.4.35.1
- (no CPE)range: < 2.48.2-12.58.1
- (no CPE)range: < 2.78.6-150600.4.35.1
- (no CPE)range: < 2.84.4-160000.2.1
- (no CPE)range: < 2.78.6-150600.4.35.1
- (no CPE)range: < 2.84.4-160000.2.1
- (no CPE)range: < 2.48.2-12.58.1
- (no CPE)range: < 2.76.2-12.1
- (no CPE)range: < 2.78.6-slfo.1.1_6.1
- (no CPE)range: < 2.84.4-160000.2.1
- (no CPE)range: < 2.84.4-160000.2.1
- (no CPE)range: < 2.84.4-160000.2.1
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.