Remote Application Crash Vulnerability in GNU C Library
CVE-2026-4046

7.5HIGH

Key Information:

Vendor: The Gnu C Library
Status: Glibc
Vendor: CVE Published:; 30 March 2026

🔔 Create The Gnu C Library Vulnerability Alert

What is CVE-2026-4046?

A vulnerability in the GNU C Library allows an application to crash remotely due to an assertion failure in the iconv() function. This issue arises when converting inputs from the IBM1390 or IBM1399 character sets, potentially affecting applications relying on these conversions. To mitigate this vulnerability, it is advised to remove the IBM1390 and IBM1399 character sets from systems that do not require them.

Affected Version(s)

glibc 2.3.3

References

https://sourceware.org/bugzilla/show_bug.cgi?id=33980

https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=ad...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 30, 2026
Vulnerability Reserved
Mar 12, 2026

Credit

Rocket Ma

CVE-2026-4046 Data

JSON