CVE-2026-0988 - Vulnerability Details - OpenCVE

No description is available for this CVE.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://nvd.nist.gov/vuln/detail/CVE-2026-0988
https://www.cve.org/CVERecord?id=CVE-2026-0988

History

Fri, 16 Jan 2026 00:15:00 +0000

Type	Values Removed	Values Added
Description		No description is available for this CVE.
Title		glib: GLib: Denial of Service via Integer Overflow in g_buffered_input_stream_peek()
Weaknesses		CWE-190
References		https://nvd.nist.gov/vuln/detail/CVE-2026-0988 https://www.cve.org/CVERecord?id=CVE-2026-0988
Metrics	threat_severity `None`	cvssV3_1 `{'score': 3.7, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L'}` threat_severity `Low`

Projects

Sign in to view the affected projects.

MITRE

No data.

Vulnrichment

No data.

NVD

No data.

Redhat

Severity : Low

Publid Date: 2026-01-15T00:00:00Z

Links: CVE-2026-0988 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

CWE-190

{"acknowledgement": "Red Hat would like to thank Codean Labs for reporting this issue.", "bugzilla": {"description": "glib: GLib: Denial of Service via Integer Overflow in g_buffered_input_stream_peek()", "id": "2429886", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429886"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.7", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-190", "details": ["No description is available for this CVE."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2026-0988", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "bootc", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "glib2", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "glycin-loaders", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "loupe", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "mingw-glib2", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "papers", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "rpm-ostree", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Fix deferred", "package_name": "glib2", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "glib2", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "glib2", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "librsvg2", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "mingw-glib2", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "bootc", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "glib2", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "librsvg2", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "mingw-glib2", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-01-15T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-0988\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-0988"], "statement": "This vulnerability is rated Moderate for Red Hat. An integer overflow in the `g_buffered_input_stream_peek()` function of the GLib library can lead to a Denial of Service. Exploitation requires specially crafted input and is subject to strict preconditions, primarily causing application crashes.", "threat_severity": "Low"}