Unrated severityNVD Advisory· Published Feb 18, 2026· Updated Feb 18, 2026
CVE-2026-27171
CVE-2026-27171
Description
zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
17- osv-coords15 versionspkg:apk/chainguard/zlibpkg:apk/chainguard/zlib-devpkg:apk/wolfi/zlibpkg:apk/wolfi/zlib-devpkg:rpm/opensuse/zlib&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/zlib&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/zlib&distro=openSUSE%20Tumbleweedpkg:rpm/suse/zlib&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/zlib&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/zlib&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7pkg:rpm/suse/zlib&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/zlib&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/zlib&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/zlib&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/zlib&distro=SUSE%20Linux%20Micro%206.2
< 1.3.2-r0+ 14 more
- (no CPE)range: < 1.3.2-r0
- (no CPE)range: < 1.3.2-r0
- (no CPE)range: < 1.3.2-r0
- (no CPE)range: < 1.3.2-r0
- (no CPE)range: < 1.2.13-150500.4.6.1
- (no CPE)range: < 1.2.13-160000.3.1
- (no CPE)range: < 1.3.1-2.1
- (no CPE)range: < 1.2.13-150500.4.6.1
- (no CPE)range: < 1.2.13-150500.4.6.1
- (no CPE)range: < 1.2.13-150500.4.6.1
- (no CPE)range: < 1.2.13-160000.3.1
- (no CPE)range: < 1.2.13-160000.3.1
- (no CPE)range: < 1.2.13-7.1
- (no CPE)range: < 1.2.13-slfo.1.1_2.1
- (no CPE)range: < 1.2.13-160000.3.1
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.