CVE-2026-4437

ADVISORY - nist

Summary

Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the application to treat a non-answer section of the DNS response as a valid answer.

EPSS Score⁠: 0.0005 (0.156)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-125⁠

Out-of-bounds Read

Impacted images

Advisories

NIST

CREATED

1 month ago

UPDATED

17 days ago

ADVISORY IDCVE-2026-4437⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-125⁠

CVSS SCORE

7.5high

Debian

CREATED

1 month ago

UPDATED

11 days ago

ADVISORY IDCVE-2026-4437⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

30 days ago

UPDATED

2 days ago

ADVISORY IDCVE-2026-4437⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Chainguard

CREATED

22 days ago

UPDATED

22 days ago

ADVISORY ID

CGA-95wf-4mhc-h768

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY