gnome
Top products
Latest CVEs
The 15 most recently published vulnerabilities affecting gnome.
- CVE-2026-58016Glib: integer underflow in gio/gdbusintrospection.c via "g_dbus_node_info_new_for_xml"7.5
- CVE-2026-58015Glib: path traversal in glib/gio/gdbusauthmechanismsha1.c via keyring_lookup_entry and mechanism_client_data_receive5.9
- CVE-2026-58014Glib: off-by-one error in glib/gkeyfile.c via "g_key_file_get_locale_string_list"7.3
- CVE-2026-58013Glib: buffer over-read in glib/giochannel.c via "g_io_channel_read_line_backend"6.5
- CVE-2026-58012Glib: buffer over-read in g_regex_replace() via glib/gregex.c:string_append() and g_utf8_next_char()6.5
- CVE-2026-58010Glib: buffer over-read in glib/gvariant-serialiser.c via gvs_tuple_is_normal()6.5
- CVE-2026-58011Glib: out-of-bounds read in glib/gdatetime.c:g_date_time_get_ymd via invalid gdatetime6.5
- CVE-2026-2604Evolution-data-server: evolution data server: arbitrary file deletion via inconsistent uri handling5.6
- CVE-2026-1767Localsearch: tracker-miners: gnome localsearch mp3 extractor: heap buffer overflow leading to denial of service or information disclosure via malformed mp3 id3 tags5.6
- CVE-2026-1766Localsearch: tracker-miners: gnome localsearch mp3 extractor: denial of service and information disclosure via malformed mp3 files.5.6
- CVE-2026-1764Localsearch: tracker-miners: gnome localsearch mp3 extractor: heap buffer overflow leads to denial of service or information disclosure when parsing mp3 files5.6
- CVE-2026-2708Libsoup: libsoup: http request smuggling via duplicate content-length headers3.7
- CVE-2026-5201Gdk-pixbuf: gdk-pixbuf: denial of service via heap-based buffer overflow when processing a specially crafted jpeg image7.5
- CVE-2026-5119Libsoup: libsoup: information disclosure via cleartext transmission of cookies during https tunnel establishment5.9
- CVE-2026-2436Libsoup: libsoup: denial of service via use-after-free in soupserver during tls handshake6.5