Zero Day Monitor (ZDM) © 2026
CVE-2026-5450 · PATCHED · CVSS 9.8
Vendor / product: gnu · glibc

scanf %mc off-by-one heap buffer overflow

Description

Calling a scanf-family function with a %mc conversion (the m modifier makes scanf malloc the destination buffer for a %c character match) and an explicit field width greater than 1024 could result in a one-byte heap buffer overflow in GNU C Library versions 2.7 through 2.43. Because the width is part of the format string, the affected pattern is found by auditing a program's scanf, fscanf and sscanf format strings for %mc with an explicit width above 1024; a program that never uses that pattern is not exposed through this bug, whatever glibc version it links. This page records no known exploit and no CISA KEV entry for the CVE.
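As an added example (not code from Zero Day Monitor, the glibc project, or the linked advisories): a small Python audit that implements the check described above. It reports string literals in C source that use %mc with an explicit width above 1024, the pattern this description calls out, and tells you whether the running glibc sits inside the 2.7 through 2.43 range. The 1024 threshold and the version range come from the description; the function names, the regexes and the embedded sample C source are this example's own, and the sample is constructed. The overflow itself is a glibc-internal off-by-one, so the example does not try to reproduce it; it only locates the triggering pattern.

```python
"""Audit helper for the glibc scanf %mc off-by-one (CVE-2026-5450).

Added example, not code from Zero Day Monitor or the glibc project. It finds
scanf-family format strings in C source that use %mc with an explicit field
width above 1024 (the advisory's trigger) and reports whether the running
glibc falls in the advisory's 2.7..2.43 range. Threshold and range are from
the advisory text; names, regexes and sample source are this example's own.
"""
import ctypes
import re
from typing import List, Optional, Tuple

# Advisory: an explicit width greater than 1024 combined with %mc triggers the bug.
MAX_SAFE_WIDTH = 1024
AFFECTED_MIN = (2, 7)
AFFECTED_MAX = (2, 43)

# One scanf conversion. Only the parts that matter are modelled: optional '*'
# (assignment suppression), optional decimal width, the 'm' allocation modifier
# and the c/s/[ conversion. '%%' is tried first so it is never mistaken for a
# conversion. The wide-character form (%mlc) is not modelled.
_CONV_RE = re.compile(r'%%|%(?P<sup>\*?)(?P<width>\d*)(?P<alloc>m?)(?P<conv>[cs\[])')

# A C string literal on one source line; escapes such as \" are skipped over.
_STRING_RE = re.compile(r'"((?:[^"\\]|\\.)*)"')


def risky_mc_widths(fmt: str) -> List[int]:
    """Widths of every %mc conversion in `fmt` whose explicit width exceeds
    MAX_SAFE_WIDTH. %c without m, %ms, %m[ and %mc with no width (default 1)
    are not reported. Assignment-suppressed forms (%*1025mc) are reported
    conservatively; confirm those by hand."""
    widths = []
    for m in _CONV_RE.finditer(fmt):
        if m.group(0) == '%%':
            continue
        if m.group('alloc') != 'm' or m.group('conv') != 'c':
            continue
        if not m.group('width'):
            continue
        width = int(m.group('width'))
        if width > MAX_SAFE_WIDTH:
            widths.append(width)
    return widths


def scan_source(text: str) -> List[Tuple[int, str, int]]:
    """(line number, string literal, width) for each risky %mc conversion in a
    string literal of `text`. Literals spanning several lines and format
    strings assembled by macros are not handled; grep for those separately."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for lit in _STRING_RE.finditer(line):
            for width in risky_mc_widths(lit.group(1)):
                hits.append((lineno, lit.group(1), width))
    return hits


def parse_glibc_version(ver: str) -> Optional[Tuple[int, int]]:
    """'2.39' -> (2, 39); None when the string is not a glibc version."""
    m = re.match(r'(\d+)\.(\d+)', ver)
    return (int(m.group(1)), int(m.group(2))) if m else None


def in_affected_range(ver: str) -> bool:
    """True when `ver` lies within the advisory's range 2.7..2.43 inclusive."""
    parsed = parse_glibc_version(ver)
    return parsed is not None and AFFECTED_MIN <= parsed <= AFFECTED_MAX


def running_glibc_version() -> Optional[str]:
    """Version string from gnu_get_libc_version(), or None when the process is
    not running on glibc (for example on musl, macOS or Windows)."""
    try:
        libc = ctypes.CDLL(None)
        fn = libc.gnu_get_libc_version
    except (OSError, AttributeError, TypeError):
        return None
    fn.restype = ctypes.c_char_p
    return fn().decode()


# Constructed sample C source, not taken from any real project.
SAMPLE_SOURCE = '''#include <stdio.h>
int main(void) {
    char *p; if (scanf("%2048mc", &p) == 1) { /* width 2048: reported */ }
    char buf[32]; sscanf("abc", "%31s", buf);   /* plain %s: fine */
    char *q; sscanf("hi", "%1024mc", &q);       /* width 1024: at the limit, not reported */
    printf("100%% done\\n");                     /* %% is not a conversion */
    return 0;
}
'''

if __name__ == '__main__':
    for lineno, lit, width in scan_source(SAMPLE_SOURCE):
        print(f'line {lineno}: {lit!r} uses %mc with width {width} > {MAX_SAFE_WIDTH}')
    ver = running_glibc_version()
    if ver is None:
        print('not running on glibc')
    else:
        print(f'glibc {ver}: {"inside" if in_affected_range(ver) else "outside"} the advisory range')
```

To audit a tree, feed each file's contents to scan_source. The line-based literal regex misses format strings built from macros or split across lines, so a second pass grepping for `mc"` near scanf calls is worth the minute it takes.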

Affected Products

  • Vendor: gnu · Product: glibc · Versions: 2.7 (the page's table lists only the first affected version; the description gives the range as 2.7 through 2.43)

Also Affects

Downstream vendors/products affected by this vulnerability

  • Vendor: open source · Product: gnu libc · Source: cert_advisory · Confidence: 90%

References

  • https://sourceware.org/bugzilla/show_bug.cgi?id=CVE-2026-5450 (issue-tracking)
  • https://inbox.sourceware.org/libc-announce/b11f0003-6ec1-4bd6-b9de-9e38a4efeca3@redhat.com/T/#u (mailing-list)

Related News (5 articles)

  • Tier E · Hacker News · 17d ago · "Glibc CVE-2026-5450 9.8" → No new info (linked only)
  • Tier A · Microsoft MSRC · 54d ago · "CVE-2026-5450 scanf %mc off-by-one heap buffer overflow" → No new info (linked only)
  • Tier B · BSI Advisories · 55d ago · "[NEW] [UNPATCHED] [critical] GNU libc: Multiple vulnerabilities" → No new info (linked only)
  • Tier C · VulDB · 56d ago · "CVE-2026-5450 | GNU C Library up to 2.43 malloc Character Match heap-based overflow" → No new info (linked only)
  • Tier C · oss-security · 56d ago · "The GNU C Library security advisories update for 2026-04-20" → No new info (linked only)
CVSS 3.1: 9.8 CRITICAL
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA KEV: No
Actively exploited: No
Patch available: yes (Apr 21, 2026)
CWE: CWE-122 (Heap-based Buffer Overflow)
Published: Apr 20, 2026
Last enriched: 56d ago
Trending Score: 11
Source articles: 5
Independent: 5
Info Completeness: 8/14
Missing: cvss, epss, kev, exploit, iocs, mitre_attack

Related CVEs (5)

  • MEDIUM · PRE-CVE · GNU gsasl Heap Disclosure in NTLM Client Step · Trending: 23
  • HIGH · CVE-2026-48829 · In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known toke · Trending: 3
  • NONE · CVE-2026-6846 · Binutils: arbitrary code execution via malformed xcoff object file processing · Trending: 2
  • NONE · CVE-2026-5958 · Race Condition in GNU Sed · Trending: 1
  • HIGH · CVE-2026-40556 · Insecure Directory Permissions in GNU nano Leading to Privilege Abuse

Verification

State: verified
Confidence: 0%

Vulnerability Timeline

  • Apr 20, 2026 · CVE Published
  • Apr 20, 2026 · Discovered by ZDM
  • Apr 21, 2026 · Patch Available