CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-58014

highCVSS 7.3covered by 2 sourcesfirst seen 2026-06-09
A flaw was found in GLib. An off-by-one error can occur in the g_key_file_get_locale_string_list function in the gkeyfile.c file when loading a key file with an empty value. This flaw can cause an out-of-bounds access of 1 byte or a denial of service when the out-of-bounds access crosses a page boundary.

CSIRTS triage

What
An off-by-one error exists in the function 'g_key_file_get_locale_string_list'.
Who is affected
Deployments of Glib that use the affected function.
Urgency
Remediation is urgent due to the high severity of the vulnerability.
Action
Update to the latest version of Glib to address this issue.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2026-58014

Get an email if CVE-2026-58014 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (2)

External references

NVD record for CVE-2026-58014

CVE.org record

Embed the live status

CVE-2026-58014 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-58014 status](https://www.csirts.com/badge/CVE-2026-58014)](https://www.csirts.com/cve/CVE-2026-58014)