Vulnerability in The Gnu C Library Glibc

CVE-2026-4046

The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulner…

EPSS: 0.001 (23.7th percentile) — read the EPSS interpretation.

Affected products

The Gnu C Library Glibc — versions 2.3.3

Weakness classification (CWE)

CWE-617 — Reachable Assertion

References

sourceware.org/bugzilla/show_bug.cgi (issue-tracking)
sourceware.org/git/ (vendor-advisory)
inbox.sourceware.org/libc-announce/76814edf-cf7f-47ec-979d-2dce0a2c76bf@gotplt… (mailing-list)