Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
3239 articles · 170280 vulns · 37/41 feeds (7d)
← Back to list
6.5
CVE-2026-58013EXPLOITEDPATCHED
red hat · red hat enterprise linux

Glib: buffer over-read in glib/giochannel.c via "g_io_channel_read_line_backend"

Description

A flaw was found in GLib. A buffer over-read can occur in g_io_channel_read_line_backend() in the giochannel.c file when a custom line terminator with a length greater than one is set, causing memcmp to read past the GString buffer. This vulnerability can cause a minor information disclosure of 7 bytes or a denial of service when the buffer over-read crosses a page boundary.

Affected Products

VendorProductVersions
red hatred hat enterprise linux0

References

  • https://access.redhat.com/security/cve/CVE-2026-58013(vdb-entry, x_refsource_REDHAT)
  • https://bugzilla.redhat.com/show_bug.cgi?id=2492248(issue-tracking, x_refsource_REDHAT)
  • https://gitlab.gnome.org/GNOME/glib/-/issues/3925

Related News (2 articles)

Tier A
Microsoft MSRC2d ago
CVE-2026-58013 Glib: buffer over-read in glib/giochannel.c via "g_io_channel_read_line_backend"
→ No new info (linked only)
Tier C
VulDB2d ago
CVE-2026-58013 | GNOME GLib up to 2.88.0 giochannel.c g_io_channel_read_line_backend buffer over-read (ID 3925)
→ No new info (linked only)
CVSS 3.16.5 NONE
CISA KEV❌ No
Actively exploited✅ Yes
Patch available
2.88.1
CWECWE-126
PublishedJun 30, 2026
Last enriched2d agov2
Tags
remote code executionfile manipulationdenial of servicemultiple vulnerabilities
Trending Score36
Source articles2
Independent2
Info Completeness9/14
Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

NONECVE-2026-14258EXP
Dhcpcd: dhcpcd infinite loop and out-of-bounds read via zero-length ipv6 nd option in router advertisement handling
Trending: 59
HIGHCVE-2026-55628EXP
ImageMagick: Policy Bypass in concatenate operation due to missing checks
Trending: 52
HIGHCVE-2026-12505EXP
Cifs-utils: local privilege escalation via forged cifs.spnego key description in cifs.upcall
Trending: 39
NONECVE-2026-54369EXP
acl < 2.4.0 Symlink Traversal Privilege Escalation via libacl Functions
Trending: 37
NONECVE-2026-12388EXP
Keycloak-broker: keycloak: privilege escalation to realm administrator via improper authorization in identity provider mapper
Trending: 35

Pin to Dashboard

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published
Jun 30, 2026
Discovered by ZDM
Jun 30, 2026
Updated: description, affectedVersions, severity, activelyExploited
Jun 30, 2026
Actively Exploited
Jun 30, 2026
Exploit Available
Jun 30, 2026
Patch Available
Jun 30, 2026

Version History

v2
Last enriched 2d ago
v2Tier C2d ago

Updated vendor to GNOME, product to GNOME GLib, changed severity to CRITICAL, and noted that the vulnerability is actively exploited with no exploit available.

descriptionaffectedVersionsseverityactivelyExploited
via VulDB
v12d ago

Initial creation