CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-58010

mediumCVSS 6.5covered by 2 sourcesfirst seen 2026-06-09
A flaw was found in GLib. An off-by-one error can occur in the gvs_tuple_is_normal function in the glib/gvariant-serialiser.c file when doing an alignment padding check because the bounds check uses > instead of >=, causing an out-of-bounds read of only 1 byte. This issue can cause a minor information disclosure of 1 byte and a denial of service when the out-of-bounds read crosses a page boundary.

CSIRTS triage

What
Buffer over-read can occur in gvariant-serialiser.c due to certain function calls.
Who is affected
Users of Glib that utilize GVariant serialization.
Urgency
This medium severity issue should be addressed to prevent potential data leaks.
Action
Update to the latest version of Glib.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2026-58010

Get an email if CVE-2026-58010 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (2)

External references

NVD record for CVE-2026-58010

CVE.org record

Embed the live status

CVE-2026-58010 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-58010 status](https://www.csirts.com/badge/CVE-2026-58010)](https://www.csirts.com/cve/CVE-2026-58010)