High severity7.3NVD Advisory· Published Apr 28, 2026· Updated May 5, 2026
CVE-2026-5435
CVE-2026-5435
Description
The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write when printing TSIG records.
Affected products
2Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- inbox.sourceware.org/libc-announce/7a655d55-276f-41fe-b550-feb3ebb2ce91@redhat.com/T/nvdThird Party Advisory
News mentions
13- Malicious Ad for Homebrew Leads to MacSync Stealer, (Fri, May 1st)SANS Internet Storm Center · May 1, 2026
- EtherRAT Distribution Spoofing Administrative Tools via GitHub FacadesThe Hacker News · Apr 30, 2026
- UAT-4356's Targeting of Cisco Firepower DevicesCisco Talos Intelligence · Apr 23, 2026
- IR Trends Q1 2026: Phishing reemerges as top initial access vector, as attacks targeting public administration persistCisco Talos Intelligence · Apr 22, 2026
- Attackers Actively Exploiting Critical Vulnerability in Ninja Forms – File Upload PluginWordfence Blog · Apr 16, 2026
- Microsoft Patch Tuesday for April 2026 - Snort Rule and Prominent VulnerabilitiesCisco Talos Intelligence · Apr 14, 2026
- Wordfence Intelligence Weekly WordPress Vulnerability Report (March 23, 2026 to March 29, 2026)Wordfence Blog · Apr 2, 2026
- ‘CanisterWorm’ Springs Wiper Attack Targeting IranKrebs on Security · Mar 23, 2026
- How AI Assistants are Moving the Security GoalpostsKrebs on Security · Mar 8, 2026
- ABB Ability OPTIMAXCISA Alerts
- ABB PCM600CISA Alerts
- ABB AWIN GatewaysCISA Alerts
- ABB Edgenius Management PortalCISA Alerts