Fluid Attacks Database

Description

A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker could trigger an undersized memory allocation, resulting in out-of-bounds writes. This could cause applications utilizing GLib for string conversion to crash or become unstable.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 13	glib2.0	=2.84.3-1 \|\| =2.84.4-1 \|\| =2.84.4-2 \|\| =2.84.4-3~deb13u1 \|\| =2.84.4-3~deb13u2 \|\| >=0 <2.84.4-3~deb13u3	2.84.4-3~deb13u3
debian 12	glib2.0	=2.74.6-2 \|\| =2.74.6-2+deb12u1 \|\| =2.74.6-2+deb12u2 \|\| =2.74.6-2+deb12u3 \|\| =2.74.6-2+deb12u4 \|\| =2.74.6-2+deb12u5 \|\| =2.74.6-2+deb12u6 \|\| =2.74.6-2+deb12u7 \|\| =2.74.6-2+deb12u8 \|\| >=0 <2.74.6-2+deb12u9	2.74.6-2+deb12u9
debian 11	glib2.0	=2.66.8-1 \|\| =2.66.8-1+deb11u1 \|\| =2.66.8-1+deb11u2 \|\| =2.66.8-1+deb11u3 \|\| =2.66.8-1+deb11u4 \|\| =2.66.8-1+deb11u5 \|\| =2.66.8-1+deb11u6 \|\| =2.66.8-1+deb11u7 \|\| >=0 <2.66.8-1+deb11u8	2.66.8-1+deb11u8
debian 14	glib2.0	=2.84.3-1 \|\| =2.84.4-1 \|\| =2.84.4-2 \|\| =2.84.4-3 \|\| =2.84.4-3~deb13u1 \|\| =2.84.4-3~deb13u2 \|\| =2.84.4-3~deb13u3 \|\| =2.85.1-1 \|\| =2.85.1-2 \|\| =2.85.2-2 \|\| =2.85.3-1 \|\| =2.85.4-1 \|\| =2.86.0-1 \|\| =2.86.0-2 \|\| =2.86.0-3 \|\| =2.86.0-4 \|\| =2.86.0-5 \|\| =2.86.0-6 \|\| =2.86.0-7 \|\| =2.86.1-1 \|\| =2.86.1-2 \|\| =2.86.2-1 \|\| =2.86.3-1 \|\| =2.86.3-2 \|\| =2.86.3-3 \|\| =2.86.3-4 \|\| >=0 <2.86.3-5	2.86.3-5
rpm rhel10	glib2	-	-
rpm rhel6	glib2	-	-
rpm rhel10	mingw-glib2	-	-
rpm rhel10	papers	-	-
rpm rhel7	glib2	-	-
rpm rhel10	bootc	-	-

1-10 of 20

Aliases

1. CVE-2026-14892. NVD-2026-14893. OSV-DEBIAN-2026-14894. OSV-2026-14895. SECURITY-TRACKER-CVE-2026-1489

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.