CVE-2026-40468

CVE-2026-40468CVE-2026-40468

fossies / gawk

Description

Integer overflow vulnerability has been found in "builtin.c" program file of gawk. This issue may lead to memory exhaustion on the hosting operating system and could be used to overwrite gawk heap metadata and objects with attacker-controlled bytes. It affects gawk in versions 5.4.0 and below.

Scoring

CVSS 9.1 ()
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Last modified2026-07-14
Sourced from NVD. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.