CVE-2026-1484

low-risk

Published 2026-01-27

A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrusted or extremely large Base64 input using GLib may crash or behave unpredictably.

Do I need to act?

0.02% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 4.2/10 Medium

NETWORK / HIGH complexity

References (3)

https://access.redhat.com/security/cve/CVE-2026-1484

https://bugzilla.redhat.com/show_bug.cgi?id=2433259

https://gitlab.gnome.org/GNOME/glib/-/issues/3870

/ 100

low-risk

Severity 14/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal