CVE-2026-0719

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2026-0719

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-0719.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2026-0719

Downstream

DEBIAN-CVE-2026-0719

OESA-2026-1323

OESA-2026-1324

OESA-2026-1325

OESA-2026-1326

RHSA-2026:1948

RHSA-2026:2005

RHSA-2026:2006

RHSA-2026:2007

RHSA-2026:2008

RHSA-2026:2049

RHSA-2026:2182

RHSA-2026:2214

RHSA-2026:2215

RHSA-2026:2216

RHSA-2026:2396

RHSA-2026:2402

RHSA-2026:2512

RHSA-2026:2513

RHSA-2026:2514

RHSA-2026:2528

RHSA-2026:2529

RHSA-2026:2628

RLSA-2026:2182

RLSA-2026:2214

RLSA-2026:2215

RLSA-2026:2216

SUSE-SU-2026:0265-1

UBUNTU-CVE-2026-0719

Related

Published

2026-01-08T13:15:43.283Z

Modified

2026-03-15T22:48:53.715236Z

Severity

8.6 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H CVSS Calculator

Summary

[none]

Details

A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processing extremely long passwords, an internal size calculation can overflow due to improper use of signed integers. This results in incorrect memory allocation on the stack, followed by unsafe memory copying. As a result, applications using libsoup may crash unexpectedly, creating a denial-of-service risk.

References

Affected packages

Git /

Affected ranges

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-0719.json"