CVE-2026-40200

ADVISORY - nist

Summary

An issue was discovered in musl libc 0.7.10 through 1.2.6. Stack-based memory corruption can occur during qsort of very large arrays, due to incorrectly implemented double-word primitives. The number of elements must exceed about seven million, i.e., the 32nd Leonardo number on 32-bit platforms (or the 64th Leonardo number on 64-bit platforms, which is not practical).

EPSS Score⁠: 0.00018 (0.049)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-670⁠

Always-Incorrect Control Flow Implementation

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.